How can I see what others are doing on my network?
Is there a way for me to know what others browse through my network? How can I defend myself against these intruders?
I came across some lines that got me curious, those lines were - Your home network—and everything connected to it—is like a vault. Behind your login lies tons of valuable information, from unencrypted files containing personal data to devices that can be hijacked and used for any purpose.
- Yes, you can see what others are doing on the network. In order to Protect yourself, use high security encrption level like WPA2. It assing differnet Keys to each WiFi Client. How to trace:
- Check your router for attached devices. You can use PingTestEasy to discover devices on your network. Or can ise this method to check WiFi Clients on a network.
- Note down the IP address of the device. Next, you can either capture packets directly using Wire Shark, or further analyze the device for known vulnerabilities and open ports using NMap. Open NMap and scan the IP for open ports and OS info.
- Once the scan completes, look out for open ports and OS details. You'll also be able to see the services that are using specific ports: one way to see the what purpose a particular device is serving on the network. Next, you can launch a packet capture to analyze the traffic between the node and the router.
- Select a protocol (say http) and choose a packet at random. Right click on the packet and choose Follow>TCP Stream. Packet header and content in separate blocks. Note that the host is mentioned in the header. (WireShark) Similarly, you can analyze ICPM/SSH/SSDP/DLNA/Etc. packets and see what the device is doing on the network.
- Harvesting router web-config credentials using WireShark packet capture. Things can get trickier and interesting if there's an SSL site involved. You'll need to launch a man-in-middle attack using something like MetaSploit, or install payloads on the client through webscripts deployed using DNS manipulation.
Other than that, you can impose a transparent proxy on your network and monitor activities from there. Also, you can log connection history using a pfSense box. Most of this comes under softcore hacking. Hacking, however, is illegal, under any pretext whatsoever. You can get sued if there's a security breach/identity theft/phishing attack on the network just because you previously tried to do the same. Your computer can be stripped for evidences. Likely is that you'll get into trouble. Now that you know this stuff doesn't mean that you should immediately test it out, and that too on a third person.