It appears that my roomies are some real jokers. For the past couple of weeks they have been able to know where I go on the net, mostly. I found it really strange they knew because I have passwords on everything, even the bios to boot my computer, and only I have access to it. Then one day one of them mentioned something about a packet sniffer. How can I keep them from doing this? I read that a VPN that's encrypted is the only way? What other solutions would be cheaper (broke college kid here) and easier to do than a VPN?
Get your own internet connection and password secure the router and wireless access
There are only 3 ways to secure your traffic 1. Ensure no one has physical access to it 2. Ensure that you only use SSL (https) access for email and web use 3. Set up a remote server somewhere in a secure location, that you can VPN to, and then have it send traffic on to the internet
Don't forget that there is a non computer way to know where you've been. Your roommates could have simply placed a camera in the room pointed at the screen.
It could be a lot of things. Either a harware or software keylogger would record keystrokes. A trojan or backdoor would allow them access to your browsing history. A packet sniffer would allow them to see the data stream.
Since they mentioned a packet sniffer, I'll assume that's how they are doing it. Basically, they route all of the network traffic through thier machine before it goes out onto the net. Unless you have both physical and logical access to all of the network hardware, there is really nothing you can do to stop that. The only way to block them is to encrypt all the traffic. A VPN is the only practical way to do that. There are a lot of VPN services out there. Google Hotspot VPN and you will see a lot of fairly cheap ones. They will block them from seing any of your traffic.
The larger issue here is that they need a good old-fashioned ass kicking. I personnaly would never put up with that crap. I travel with a bunch of these types and they are always messing with the hotel networks. I have a simple policy that if I catch them, they will pay in every way possible (and I use a VPN to keep them honest). Depending on who owns the network, there could be severe criminal and civil penalties involved. At the very least, it's a serious breech of trust and needs to be discussed. This is no different than them putting a camera in the bathroom, tapping the phone, or opening your mail. Time to get new friends.
coloradohigh
New Member
posted: Nov. 6, 2009 @ 9:46a
Agree on two possibilities - keylogger (some of hte more common ones are accessed by pressing ctrl-alt-shift (the left ones on your keyboard) that will bring up a menu - see pandora as an example.
If they are truly packetsniffing, there are some good "safe browser" services that, for a fee, let you log into their VPN and surf that way - you are secure, ananymous etc... Search for anonymous surfing.
mikecism
Member
posted: Nov. 7, 2009 @ 11:00a
The either have a key logger on your machine or are sniffing the wire.
One way to check is to install JAP (Java Anonymous Proxy), and use that exclusively for going to web sites. They won't be able to see where you are going on the web, and if they can, they have a keylogger other spy software on your PC.
mikecism
Member
posted: Nov. 7, 2009 @ 11:06a
Oh, and JAP is free, so it fits your budget.
I agree on the arse kicking. Next time they do this, prank back. Shredding the contents of a wallet always is good. But then they may retaliate, in which case a good bust in the chops usually tells them enough is enough.
Are you on a wired or a wireless connection? I'm going to assumed wired, or else wireless with no encryption. Best way to avoid packet sniffing is if all of your traffic is encrypted - easiest way to do that is to use a wireless access point or router with WEP turned on. Then they can sniff all day long & get nothing but encrypted garbage. Just make sure you change the default password on the router, and don't share the encryption key.
Sorta
New Member
posted: Dec. 20, 2009 @ 2:12p
jeffbx said: Best way to avoid packet sniffing is if all of your traffic is encrypted - easiest way to do that is to use a wireless access point or router with WEP turned on.
Never rely on WEP. WEP is a complete joke. WEP is super easy to get around and I got news for you WPA isn't much better than WEP is. The OP's question is a good question because ten years ago you had to walk a mile before you ran into a packet sniffer. Nowadays there are people in my apartment building who can do it in their sleep it's that easy. Wikipedia has a fantastic page that details all of WEP's weaknesses and don't forget to donate a dollar or two to Wikipedia:
"Beginning in 2001, several serious weaknesses were identified by cryptanalysts with the result that today a WEP connection can be cracked with readily available software within minutes. Within a few months the IEEE created a new 802.11i task force to counteract the problems. By 2003, the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA), which was a subset of then upcoming 802.11i amendment. Finally in 2004, with the ratification of the full 802.11i standard (i.e., WPA2), the IEEE declared that both WEP-40 and WEP-104 'have been deprecated as they fail to meet their security goals'. Despite its weaknesses, WEP is still widely in use. WEP is often the first security choice presented to users by router configuration tools even though it provides a level of security that deters only unintentional use, leaving the network vulnerable to deliberate compromise."
Unless you're running a VPN the safest Wi-Fi connection is one that's not connected to the Internet. In other words stay hardwired whenever possible.
Disclaimer: By providing links to other sites, FatWallet.com does not guarantee, approve or endorse the information or products available at these sites, nor does a link indicate any association with or endorsement by the linked site to FatWallet.com.
Members of our community may attach files to a post in accordance with the User Agreement. FatWallet is not responsible for the content, accuracy, completeness or validity of any information contained in any attached file. Files have *not* been scanned for viruses. Be especially wary of Excel files which may contain malicious content.
