Hey /g/, quick netsec question.
What techniques are there to allow one to spy on his home network? I'm asking because I got the feeling that a family member is spying on us, so I'm trying to uncover the truth.
If it helps, most computers are on a wired connection, with laptops an phones on wifi. It's run by the router that we got from our ISP. From what I've seen, its settings haven't been modified, so it's not simply the router redirecting requests through the spy's computer. The settings available are also pretty limited, I don't even think there is a way to do this from the router.
The wired connections go through the walls, so there's no way to tamper with the network cables, plus I checked the connections, everything seems fine.
Where else can I go looking?
This is also helpful for me.
My sister is autistic and I'm pretty sure she's talking to crazy people on the internet because she's lonely (she dropped out of school). I need to observe what she's doing.
Not mine sadly
>one day you may
As I said, I took a look in the router's configuration to see if any custom DNS servers were set, but it was still configured to the ISP's default servers. What could be done however, is set the DNS server to your own computer and simply log the requests. I have an OpenWRT router which I could use for that, but I have no desire to spy on my own family. You could even somehow resolve all domains to your PC's address and just forward all traffic, but that would be much more complicated. It might also look suspicious when all sites resolve to 192.168.1.123. And it might fuck up HTTPS.
How to do that without touching the ethernet wires?
PS: the DNS thingy probably only works on DHCP clients, and then only if no custom DNS is set on the client. Though I doubt your autistic sister cares about DNS, unless she is /g/-grade "autistic"
>there will never be a keyboard with an ergodox-like layout with scissor switches
Nope, I'm not in the US, so Massdrop et al isn't really an option, although I recently discovered that falbatech.pl sells cases, boards all the components needed, at decent prices. I was ready to order until I calculated the price of the whole unit. So I'll wait until I actually got some money to spend. Plus I'm sure I'll be disappointed because I got the wrong switches...
Oh man that brings me back to my uni lectures about networks, I hated that. Something about layers and ARP or whatever... Care to give me some clues on what direction I should start looking?
I don't know how exactly, maybe it'll work fine if you just forward all traffic as-is. But it's possible that the SSL certificate contains the IP address it is supposed to certify and your browser will give you an "untrusted connection" error. Just speculations.
Not the samefag here bit from what I remember, packets are broadcasted to every machine in the network, and since the packet contains the destination Mac address so the Internet cards accept it or not. At least that's the case for wifi
For ethernet the router has an Internal table corresponding every port to the mac address. And the router constantly send packet ( I think they are called ARP packets) to know what address is who on the network, so he could theoretical poison the internal table of the router, and it will send all the packet to his computer, and after that he can redirect them.
But again that's what I remember on the top of my head and it might be wrong.
P. S To spy any ssl connection he would have to setup a mim ( man in the middle) attack, which is a bit more complex but doable
Looked into ettercap, this shit looks pretty powerful. However I have a problem, could you maybe help me?
The home network is on the 192.168.1.0/24 subnet, however, my computer is on 10.0.0.0/24. How can I tell ettercap to look outside of my own subnet? Is this even possible?