# small question about sniffing



## s. (Jun 4, 2011)

hello,
i want to ask if it is possible that one can sniff the first request packet that i send or he cannot???
i think he can sniff the traffic but not the request, is that right???
please if any thing not clear in my question please tell me to clear it
thanks in advance to any help
regards


----------



## Jetster (Jun 4, 2011)

Its not clear...what programs, what traffic


----------



## s. (Jun 4, 2011)

i mean for example when i send a traffic, that traffic contain (syn packet in TCP is the first request packet in the traffic) first request packet and the later packets is that contain the information, ok
now it is possible for some one to sniff that first request, or he can start sniffing after that packet
is it now clear please
thank you for your reply and trying to help
regards


----------



## slyfox2151 (Jun 4, 2011)

im fairly certain you can sniff every single packet you send/receive. assuming this person has access to your connection locally via a hub.




to answer in a simple way, Yes. if they can sniff a packet, they can sniff every packet. it does not matter the order.


----------



## s. (Jun 4, 2011)

thank you very much
ok, that is very helpful
now in the real network(leaf network)where me and many people share the same ISP (by wire or wireless), you mean that is possible here??
so that is mean sniffing can never defened, is it true
when there is an important information in the header feild (of only the first request packet(syn packet)) it can be sniff, is that right???

thank you very much for your help
best regards


----------



## Kreij (Jun 4, 2011)

Hi s,

If someone has access to the packets travelling through a network whether it's wired or wireless, they can read all the packets that are transfered over the medium if they know how to do so.

If you are worried about someone intercepting packets make sure everything that you send is encrypted. They will still get the packets but it will be very difficult for them to be able to decipher them if a good encryption method is put into place.

If the data is so extremely sensitive that you cannot risk anyone deciphering it, there are techniques for that also, but require additional communication outside the network (offline) to get the decryption information (keys) to people who will be receiving the data.


----------



## s. (Jun 4, 2011)

thank you very much for the information you explain
what i am worried about is a key in the header that i want it not to be used from other one(it was for auth. the client by the nearest router), when he know my ip address and want to know the key that associated to that ip(to use my identity), so also if i encript it i think it does not be helpful, isn't that???? because he also can use that encription with my ip together
thank you very much for your help
best regards


----------



## Easy Rhino (Jun 4, 2011)

slyfox summed it up. you can easily intercept and read packet info with a hub if you have physical access to the network.


----------



## s. (Jun 4, 2011)

so, you mean what i say is true
there is no way to prevent person who do that?
thank you for your reply
regards


----------



## Easy Rhino (Jun 4, 2011)

the only way i think is to use SSL encryption on the LAN so at least the information is encrypted. there may be a better way.


----------



## s. (Jun 4, 2011)

thank you very much for that idea
the problem i had is i need the header to be secure, the information in the packet not matter,
i think the SSL is used to secure the info. in the packet, isn't that
best regards


----------



## Easy Rhino (Jun 4, 2011)

hrm true i guess. are you specifically worrying about tcp packets or ip packets?


----------



## s. (Jun 4, 2011)

ip packets' option feild


----------



## Easy Rhino (Jun 4, 2011)

if the person has a hub on the LAN and the information is not encrypted then the person can capture all data, including the first request packet. at least that is what i believe. somebody with more network experience will know more or be able to explain it better.


----------



## s. (Jun 4, 2011)

what you try to do for me is very kind of you 
and i am very thank to you
best regards


----------



## Steevo (Jun 4, 2011)

Unless you are on a separate node you can capture all the data being transmitted across your network with a few exceptions. I can listen in at work to the data from all systems and see all the packets.

Hubs, switches, and most consumer grade devices will not route data off the network unless they are a endpoint device to the node.

Are you looking to sniff packets to determine network usage, or just hacking on neighbors networks? If you want to know network usage use a service like openDNS or buy a decent firewall and forget trying to capture data. If you are hacking a network, go away.


----------



## s. (Jun 4, 2011)

thanks for your reply
no don't worry i am not a bad person, be sure, what i am asking for is to see how can the hackers distroy my security (that is in my study)by sniffing and i need your help for that 
best regards


----------



## LordJummy (Jun 22, 2011)

"All those packets will be lost in time, like tears in rain"

If a packet is sent over any network, wired or wireless, someone with physical access to that network absolutely has the ability to listen in and capture all packets. Encrypted or not he can see/sniff them.

Is this a LAN or WAN? If it's a LAN, is it a simple physical network? Does it have wireless segments? 

If it's a WAN things are a bit different. I saw something about a leaf network so I'm assuming this is a WAN spread out over several public networks...

I know I'm a little late to jump in here but I'm really interested in what the network layout looks like. I might have some helpful suggestions on how to circumvent this guy.


----------



## s. (Jun 22, 2011)

thank you very much for your reply
leaf network like that with the ISP , i assume it has wireless segments
thanks for your attention


----------



## Kreij (Jun 23, 2011)

Here is the sum total of electronic communications, s.
If you absolutely, positively cannot risk the slightest chance of someone intercepting your electronic transmission. Don't send it.
This includes internet, telephone, cell, coded CB, direct satellite or any other electronic means of communication.
If a person has enough resources and/or access to the link, they can get your transmitted data.

The only thing you can do to mitigate the problem is to encrypt all the data you can so that even if they do get it, it will be very difficult for them to decipher what you have sent.

If the person is intent upon spoofing your identity (for whatever reason) they will be able to accomplish this if they are good enough, but that too can be mitigated but is way beyond being explained here on TechPowerUp.

Even if you travel to the person who is to receive the message and tell them verbally, there are ways to listen in to the conversation, even remotely. 
If the person watching you has *that* many resources, you are probably already compromised in many ways.

My advice ... just use a secure transport protocol and make sure both the transmitting and receiving computers are protected with good firewalls to prevent intrusion, and you should be fine.


----------



## s. (Jun 24, 2011)

thaaaaank you very much for your helpful information
best regards


----------

