Search Results

Search found 140 results on 6 pages for 'sniffing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 2/6 | < Previous Page | 1 2 3 4 5 6  | Next Page >

  • Bittorrent surveillance/monitoring

    - by Flamewires
    Is there any tool to sniff bittorrent traffic and reassemble data about the torrent? Im looking for file names, peers, tracker address, local IP, etc. This is purely for academic interest in which all parties would be willing participants and therefore please dont upvote responses that talk merely about legal issues with using this kind of approach on a production network. I also am assuming that the torrent connections are unencrypted. Thanks

    Read the article

  • Wireshark does not see interfaces (winXP)

    - by bua
    Short story: Wireshark is working....on my winXP-32b ... usage .... Long long time later Wireshark does not work It can't find any usefull interface (just VPN) ipconfig /all Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Dell Wireless 1490 Dual Band WLAN Mini-Card Physical Address. . . . . . . . . : SOME VALID MAC Ethernet adapter eth0: Connection-specific DNS Suffix . : xxxx Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller Physical Address. . . . . . . . . : SOME VALID MAC Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.12.68 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168..... ..... Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Fortinet virtual adapter Physical Address. . . . . . . . . : SOME VALID MAC Following steps didn't help: Several Wireshark re-installation Several LIBPCAP re installation SP3 for winXP Any ideas welcome.

    Read the article

  • Is it possible to impersonate another WAP by intercepting communication with other client?

    - by OSX NINJA
    There is a well known WAP that lots of people use. Someone comes in with a laptop equipped with a sniffer. The laptop sniffs people trying to log on to the WAP. It intercepts the connection, and when people try to log on to the WAP, they unknowingly log on through that person's laptop instead. All communication between the WAP and people's laptops go through that person's laptop. That person's laptop is able to block access to certain websites that the WAP would normally allow.

    Read the article

  • How do I view the location of an swf file that is obfuscated somehow.

    - by atticus
    Specifically, I'm trying to view Elmo's Keyboard-o-rama fullscreen. The original swf file has been moved and obscured. For a toddler, this game really needs to be full screen! The toddler doesn't mind too much and has already lost interest in the game for the day. But it's just driving me crazy. I've tried the usual method of viewing the page info in Firefox to no avail. And before people start trying to delete this for being game specific, I would like to know how to do this for any obfuscated swf location, not just games. Thanks in advance. If anybody knows how to find the appropriate information in tcpdump or wireshark, that could probably help, too. That's what I'm trying to do right now.

    Read the article

  • Setcookie > sniff > output on same page

    - by lokust
    Hi, I wonder if someone can help shed some light on this: I drop a cookie if a user arrives to the site with a specific key/value in query string. i.e.: http://www.somesite.com?key=hmm01 The cookie code exists at top of the template before <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML ) : <?php header("Content-Type: text/html; charset=utf-8"); ob_start(); if (isset($_GET['key'])) { setcookie("cookname", $_GET['key'], time()+2592000); /* Expires in a month */ } ob_end_flush(); ?> On the same page though within the : I have the following php code that sniffs the cookie and outputs some text: ` switch ($cookievalue) { case hmm01: echo "abc"; break; case hmm02: echo "def"; break; case hmm03: echo "ghi"; break; default: echo "hello"; } ?` -- Problem is when the user first arrives the sniffer script doesn't detect the cookie and outputs the default text: hello Only when user refreshes page or navigates to a different page does the sniffer detect the cookie. Any ideas on how to drop the cookie and output the correct text without a page refresh? Many thanks.

    Read the article

  • Capture DDE Data that is being streamed in to a software

    - by user534391
    Hello, I have a trading software that gets data from the internet. I want to capture that tick data. There is one software that has been made by a local develop which is able to do that and it looks like it uses DDE (NDde.dll, NetSQL.dll). I want to write a custom application that does the same. Any pointers how I can check how the data is being streamed and how to capture that data. I don't think it is encrypted, since the other developer would not have been able to decrypt either. I just need to scan how the software is getting the data. Thank you.

    Read the article

  • is it safe to call "plink.exe" in an application

    - by EBAGHAKI
    i want to use "plink.exe -u username -pw securepassword" on my windows visual c++ program. will username and password remain safe while calling this command? I mean can a hacker steal or sniff the username and password? (consider hacker can't get to the password directly from the exe file)

    Read the article

  • SSL: can the secret key be sniffed before the actual encryption begins?

    - by Jorre
    I was looking into SSL and some of the steps that are involved to set up an encrypted connection between a server and a client computer. I understand that a server key and certificate is sent to the browser, and that a secret code is being calculated, like they say in the following video: http://www.youtube.com/watch?v=iQsKdtjwtYI around 5:22, they talk about a master secret code that is being calculated to start talking in an encrypted way. My question now is: before the connection is actually encrypted (the handshake phase), all communication between the server and the client can be sniffed by a packet sniffer. Isn't it then possible to sniff the encryption key or other data that is used to set up a secure connection?

    Read the article

  • How would I go about writing a Linux TTY sniffer?

    - by alienate
    For educational purposes (not that anyone should care the motivations behind such an exercise) I'd like to write a program that can read/write to/from alternate tty/pty's. I've read papers (from the 1990's) but can't employ the implementation they use, on modern UNIXes. I was hoping that someone had researched into this in the past, or at least, read documentation pertaining to it, that they could provide. I also wonder if (considering the fact that Linux doesn't have STREAMs) if this exercise must be done via a loadable kernel module? I have many questions and probably a misunderstanding of some of the fundamental ideologies that allow such objectives to be put in place, could someone help? :)

    Read the article

  • How does HTTP Analyzer works?

    - by Rampage
    Halo, i am interest in methods, which http analyzer uses to capture data. I would like to write program which saves emails sent via web based clients. The problem is https and HTTP Analyzer solves it, but i dont know how. I got one interesting answer on my question before, but it doesnt reveal as much as i would like to know. Programs like HTTP Analyzer can catch the HTTPS data because they insert themselves in the HTTPS stack. As a result, they get the data after it's generated but before it's being encrypted and put in IP packets. This is highly non-trivial. How it is possible to make? If you have any interesting articles solving this issue, please let me know.

    Read the article

  • How secure is a bluetooth keyboard against password sniffing?

    - by jhs
    In a situation where an admin will enter sensitive information into a keyboard (the root password), what is the risk that a bluetooth keyboard (ship by default with Mac systems these days) would put those passwords at risk? Another way of asking would be: what security and encryption protocols are used, if any, to establish a bluetooth connection between a keyboard and host system?

    Read the article

  • How secure is a bluetooth keyboard against password sniffing?

    - by jhs
    In a situation where an admin will enter sensitive information into a keyboard (the root password), what is the risk that a bluetooth keyboard (ship by default with Mac systems these days) would put those passwords at risk? Another way of asking would be: what security and encryption protocols are used, if any, to establish a bluetooth connection between a keyboard and host system? Edit: Final Summary All answers are excellent. I accepted that which links to the most directly applicable information however I also encourage you to read Nathan Adams's response and discussion about security trade-offs.

    Read the article

  • In what way I can implement packet filtering function in C++/C#?

    - by Network study
    Background: I am going to design a firewall-like application (with GUI) which will include several functions such as Packet sniffing and packet filtering. Both of the functions should be implemented to support different protocol levels including application, transport, network and link layer. I only know a little in C#.Net programming to perform the IP packet sniffing. It is also known that packet filtering requires the techniques in WFP or LSP and packet sniffing in application requires dll hooking. Questions: I am not sure which programming language(either C++ or C#) would be suitable for designing such an application described above. If I want to implement the packet filtering function, any libraries will be needed? edit01: Someone suggest that winDivert would be helpful, is it true?

    Read the article

  • Isolating a computer in the network

    - by Karma Soone
    I've got a small network and want to isolate one of the computers from the whole network. My Network: <----> Trusted PC 1 ADSL Router --> Netgear dg834g <----> Trusted PC 2 <----> Untrusted PC I want to isolate this untrusted PC in the network. That means the network should be secure against : * ARP Poisoning * Sniffing * Untrusted PC should not see / reach any other computers within the network but can go out the internet. Static DHCP and switch usage solves the problem of sniffing/ARP poisoning. I can enable IPSec between computers but the real problem is sniffing the traffic between the router and one of the trusted computers. Against getting a new IP address (second IP address from the same computer) I need a firewall with port security (I think) or I don't think my ADSL router supports that. To summarise I'm looking for a hardware firewall/router which can isolate one port from the rest of the network. Could you recommend such a hardware or can I easily accomplish that with my current network?

    Read the article

  • Database Activity Monitoring Part 1 - An Introduction

    We are inundated with new technologies and products designed to help make our organisations safe from hackers and other malcontents. One technology that has gained ground over the past few years is database activity monitoring. It makes sense to protect valuable databases, and by adding an intelligent monitor capable of sniffing out threats an additional level of protection can be gained. But what is database activity monitoring and why should you care?

    Read the article

  • Does SNI represent a privacy concern for my website visitors?

    - by pagliuca
    Firstly, I'm sorry for my bad English. I'm still learning it. Here it goes: When I host a single website per IP address, I can use "pure" SSL (without SNI), and the key exchange occurs before the user even tells me the hostname and path that he wants to retrieve. After the key exchange, all data can be securely exchanged. That said, if anybody happens to be sniffing the network, no confidential information is leaked* (see footnote). On the other hand, if I host multiple websites per IP address, I will probably use SNI, and therefore my website visitor needs to tell me the target hostname before I can provide him with the right certificate. In this case, someone sniffing his network can track all the website domains he is accessing. Are there any errors in my assumptions? If not, doesn't this represent a privacy concern, assuming the user is also using encrypted DNS? Footnote: I also realize that a sniffer could do a reverse lookup on the IP address and find out which websites were visited, but the hostname travelling in plaintext through the network cables seems to make keyword based domain blocking easier for censorship authorities.

    Read the article

  • Detect blocked popup in Chrome

    - by Andrew
    I am aware of javascript techniques to detect whether a popup is blocked in other browsers (as described in the answer to this question). Here's the basic test: var newWin = window.open(url); if(!newWin || newWin.closed || typeof newWin.closed=='undefined') { //POPUP BLOCKED } But this does not work in Chrome. The "POPUP BLOCKED" section is never reached when the popup is blocked. Of course, the test is working to an extent since Chrome doesn't actually block the popup, but opens it in a tiny minimized window at the lower right corner which lists "blocked" popups. What I would like to do is be able to tell if the popup was blocked by Chrome's popup blocker. I try to avoid browser sniffing in favor of feature detection. Is there a way to do this without browser sniffing? Edit: I have now tried making use of newWin.outerHeight, newWin.left, and other similar properties to accomplish this. Google Chrome returns all position and height values as 0 when the popup is blocked. Unfortunately, it also returns the same values even if the popup is actually opened for an unknown amount of time. After some magical period (a couple of seconds in my testing), the location and size information is returned as the correct values. In other words, I'm still no closer to figuring this out. Any help would be appreciated.

    Read the article

  • Where are the real risks in network security?

    - by Barry Brown
    Anytime a username/password authentication is used, the common wisdom is to protect the transport of that data using encryption (SSL, HTTPS, etc). But that leaves the end points potentially vulnerable. Realistically, which is at greater risk of intrusion? Transport layer: Compromised via wireless packet sniffing, malicious wiretapping, etc. Transport devices: Risks include ISPs and Internet backbone operators sniffing data. End-user device: Vulnerable to spyware, key loggers, shoulder surfing, and so forth. Remote server: Many uncontrollable vulnerabilities including malicious operators, break-ins resulting in stolen data, physically heisting servers, backups kept in insecure places, and much more. My gut reaction is that although the transport layer is relatively easy to protect via SSL, the risks in the other areas are much, much greater, especially at the end points. For example, at home my computer connects directly to my router; from there it goes straight to my ISPs routers and onto the Internet. I would estimate the risks at the transport level (both software and hardware) at low to non-existant. But what security does the server I'm connected to have? Have they been hacked into? Is the operator collecting usernames and passwords, knowing that most people use the same information at other websites? Likewise, has my computer been compromised by malware? Those seem like much greater risks. What do you think?

    Read the article

  • Optimize website for touch devices

    - by gregers
    On a touch device like iPhone/iPad/Android it can be difficult to hit a small button with your finger. There is no cross-browser way to detect touch devices with CSS media queries that I know of. So I check if the browser has support for javascript touch events. Until now, other browsers haven't supported them, but the latest Google Chrome on dev channel enabled touch events (even for non touch devices). And I suspect other browser makers will follow, since laptops with touch screens are comming. This is the test I use: function isTouchDevice() { try { document.createEvent("TouchEvent"); return true; } catch (e) { return false; } } The problem is that this only tests if the browser has support for touch events, not the device. Does anyone know of The Correct[tm] way of giving touch devices better user experience? Other than sniffing user agent. Mozilla has a media query for touch devices. But I haven't seen anything like it in any other browser: https://developer.mozilla.org/En/CSS/Media_queries#-moz-touch-enabled Update: I want to avoid using a separate page/site for mobile/touch devices. The solution has to detect touch devices with object detection or similar from JavaScript, or include a custom touch-CSS without user agent sniffing! The main reason I asked, was to make sure it's not possible today, before I contact the css3 working group.

    Read the article

  • Boost::Asio - Remove the "null"-character in the end of tcp packets.

    - by shump
    I'm trying to make a simple msn client mostly for fun but also for educational purposes. And I started to try some tcp package sending and receiving using Boost Asio as I want cross-platform support. I have managed to send a "VER"-command and receive it's response. However after I send the following "CVR"-command, Asio casts an "End of file"-error. After some further researching I found by packet sniffing that my tcp packets to the messenger server got an extra "null"-character (Ascii code: 00) at the end of the message. This means that my VER-command gets an extra character in the end which I don't think the messenger server like and therefore shuts down the connection when I try to read the CVR response. This is how my package looks when sniffing it, (it's Payload): (Hex:) 56 45 52 20 31 20 4d 53 4e 50 31 35 20 43 56 52 30 0a 0a 00 (Char:) VER 1 MSNP15 CVR 0... and this is how Adium(chat client for OS X)'s package looks: (Hex:) 56 45 52 20 31 20 4d 53 4e 50 31 35 20 43 56 52 30 0d 0a (Char:) VER 1 MSNP15 CVR 0.. So my question is if there is any way to remove the null-character in the end of each package, of if I've misunderstood something and used Asio in a wrong way. My write function (slightly edited) looks lite this: int sendVERMessage() { boost::system::error_code ignored_error; char sendBuf[] = "VER 1 MSNP15 CVR0\r\n"; boost::asio::write(socket, boost::asio::buffer(sendBuf), boost::asio::transfer_all(), ignored_error); if(ignored_error) { cout << "Failed to send to host!" << endl; return 1; } cout << "VER message sent!" << endl; return 0; } And here's the main documentation on the msn protocol I'm using. Hope I've been clear enough.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6  | Next Page >