While capturing traffic is easy, it is easy to encrypt it too, so that when captured it remains unreadable to the attacker. Intercepting traffic is pretty easy with any sniffing program; any user without knowledge, following detailed instructions like those found in this tutorial, can carry out an attack intercepting private information.
How to get protected against sniffing attacks

To begin, on Debian and Debian-based Linux distributions run the following command to install

Using Driftnet to capture images with Ettercap:

Ettercap is a suite of tools useful for carrying out MiM (Man in the Middle) attacks, with support for active and passive dissection of protocols. It supports plugins to add features and works by setting the interface in promiscuous mode and ARP poisoning. The first part shows how to work with Driftnet and Ettercap, and the second part combines Driftnet with ArpSpoof.
This tutorial focuses on intercepting media, specifically images, using the Driftnet sniffer. As you will see, it is only possible to capture images going through unencrypted protocols like HTTP rather than HTTPS, as well as unprotected images within sites protected with SSL (insecure elements).
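One way to find the "insecure elements" described above on your own HTTPS pages, so they can be moved to HTTPS and stop being readable on a shared network. This is an added example, not part of the original tutorial; the tag/attribute list, the function name `cleartext_images` and the sample page are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag/attribute pairs that make a browser fetch an image (assumed selection).
IMAGE_ATTRS = {("img", "src"), ("img", "srcset"), ("source", "srcset"),
               ("video", "poster"), ("input", "src")}

class _ImageRefs(HTMLParser):
    """Collects raw image references from the attributes listed above."""
    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and (tag, name) in IMAGE_ATTRS:
                if name == "srcset":
                    # srcset is a comma-separated list of "URL descriptor" pairs
                    self.refs += [c.split()[0] for c in value.split(",") if c.strip()]
                else:
                    self.refs.append(value.strip())

def cleartext_images(page_url, html):
    """Return absolute URLs of images the page would request over plain HTTP."""
    parser = _ImageRefs()
    parser.feed(html)
    found = []
    for ref in parser.refs:
        absolute = urljoin(page_url, ref)  # resolves relative and //host/ forms
        if urlsplit(absolute).scheme == "http" and absolute not in found:
            found.append(absolute)
    return found

# Constructed sample: an HTTPS page that mixes secure and insecure image references.
SAMPLE_URL = "https://shop.example/cart"
SAMPLE_HTML = """
<img src="/static/logo.png">
<img src="http://cdn.example/banner.jpg">
<img src="//img.example/a.png" srcset="http://img.example/a-2x.png 2x, https://img.example/a-3x.png 3x">
<video poster="http://media.example/poster.jpg"></video>
<a href="http://other.example/">a link, not an image load</a>
"""

if __name__ == "__main__":
    for url in cleartext_images(SAMPLE_URL, SAMPLE_HTML):
        print("cleartext image:", url)
```

Relative and protocol-relative references inherit the page's scheme, so the same markup served from an `http://` page would be flagged in full.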
When we share a network, intercepting the traffic going through it is pretty easy with a sniffer. That’s why protocol encryption such as HTTPS is so important: when traffic is unencrypted, even credentials go in plain text and can be intercepted by attackers. Sniffing consists of intercepting packets through a network to get their content.