How public WIFI can be sniffed?
Vložit
- čas přidán 19. 07. 2019
- 💻 More software engineering videos • Software Engineering b...
You might have been told that if connect to an open unencrypted public wifi, to avoid using your personal accounts as data are sent in clear text and can be sniffed. In this video we will explain how exactly this works so if you are ready for some nerding consider watching. Even if you have TLS an attacker can perform a man in the middle attack.
Wired router
Wireless router
Packet sniffing
Table of Content
Wired Router:
Wireless Router:
Packet Sniffing 15:00
Man in the middle attack 17:20
2:40 Private vs public ip address
9:40 NAT
13:40 OSI Model
So guys how can you browse securely in a public wifi? One solution is to use a VPN (virtual private network) service and I really recommend you trying NordVPN one of the best services out there. What Nord essentially does is tunnel your connection through dedicated high bandwidth servers providing additional encryption layers of encryption. We talked about tunneling in this channel. There is a link for NordVPN in the description check them out! you will get a discount and you will be supporting me as well. Thanks!
Tools
Some of the tools that allows you to sniff traffic is Wireshark used heavily by network engineers. It shows you all kind of traffic.
Stay Awesome!
Hussein - Věda a technologie
Hussein, went through multiple videos on your channel. Excellent work and commitment towards sharing and spreading your knowledge.
Thanks. :)
This is best funny version story of "man in the middle attack" I never heard. Man, you are really something! I am really enjoyed!!!
😊 glad I could entertain 😀
I love the way you make it trivial to learn about the topic! you just got a new sub!
Excellent video Hussein!!! A small doubt, you said all the radio waves will be listened by all the devices right ? So even my mobile signals should also be listened by those devices right ? What stops those sniffing devices from intercepting my mobile data traffic ?
Any device can listen to your data if it was monitoring that frequency but the thing is data is encrypted nowadays all the time so unless the attacker performs a man in the middle attack they won’t be able to read anything. Its just noise. Thanks for your message!
weird cause i had that man-in-the-middle attack error while trying to update flutter, thanks for the info will read more about it👍👌
bihire boris its very interesting once you know how it works! Thanks for watching. 😊
You mentioned that traffic is encrypted in HTTPS, so if i make a GET request on HTTPS and i have some parameters being sent as part of GET request, do they are also encrypted as part of PROTOCOL or not? If not, then if i sent the data via POST request, will then the parameters are encrypted?
Harsh Gupta correct, if you are using HTTPS everything is encrypted. Get requests, headers post everything..
How does ARP provides Mac Address? Somewhere somebody has to be contacted to get the Mac Address against the IP Address, so in your video when it was trying to get the IP Address 192.168.1.2, did it get from Router's table or somewhere else?
Harsh Gupta i talk in details about ARP here czcams.com/video/mqWEWye-8m8/video.html
In a nutshell it asks every body in the network
could you do a video on the mac address?
what if the attacker establish another TCP connection between me and VPN
They will be forced to prove they have the VPN certificate to you which they don’t
How to create fack wifi access point ?
Router in Arabic is a masculine name, therefore your brain struggles to not use (he/him) to refer to it 😃
It's hard for someone whose mother tongue is Arabic to escape perceiving the world in non-gender way. For us everything has a gender, because the language doesn't have a neutral pronoun like (it) in English. I'm sure there are other languages too, I think French doesn't have a neutral gender.
When I speak English without being careful with what I say, I tend to use gender pronouns for objects too.
Ali Alhajji sooo true Ali ☝️ the struggle is real bro
Who cares if they get the packets. The packets are encrypted with TLS. They cannot decrypt it :P
Do you know if they can bruteforce into finding the symmetrical key to decrypt it?
Brute forcing is no longer applicable with large keys