Introduction to Common (and not so common) Cyber Threats – Part 4 – Network Monitoring

In my last article I dangled a little bit of a program in your face. That program was called Wireshark. I also said I would be talking about how computers talk to each other, and how to read just what it is Wireshark will be showing you. So without further ado, let's jump right into it.

Computer Speak

As you may or may not know, computers talk to each other at the speed of electricity, which is pretty darn fast, but did you know that they speak in only one language? You may say, "Aren't you typing this in English using letters?" Why yes I am, but the computer itself interprets everything as a series of either 1's or 0's. This base language is called Binary (base 2), and it is the basis for how computers talk. When you connect your computer to the internet it releases a whole bunch of information at lightning speed in this "Binary" language. Normally this information will be unreadable to humans in its current format, unless you have a genius savant who only speaks in Binary, and if you do, you should be saying to yourself, "Damn I should have taken the blue pill", because you live in the matrix. What I'm saying is that it is almost impossible for any living human being to speak and read binary, and understand it, without translating it into a human readable format.

Wireshark and Human Readable Format

     Wireshark at its core is a packet sniffer. What that means is that it takes the information that is going either through the air or on a wire if the computer is hooked up to one, and sniffs (collects) that information and translates it into a readable format. At its base you can view the Binary but it will translate it into Hexadecimal (base 10) which is somewhat easier to read, and once it is in Hex it will be much easier to translate into English.

Now there are a multitude of packet types that Wireshark will collect, and I will not be able to list all of them without going over the maximum allowed characters, but I will go over the most common one nowadays. And you know what? Your computer is sending them right now, even as you read this article. Those packets are called TCP/IP packets (Transport Control Protocol/Internet Protocol).

These packets are where the vast majority of your personal information is, such as the IP address of your computer, the MAC (physical) address of the hardware in your computer,  and if the bad guy is good enough he’ll be able to tell how many ports and services you have running on your computer from one to two different TCP/IP packets.
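To make that concrete, here is an added example (not from the original article) that does by hand what Wireshark does for one TCP/IP packet: it takes the raw bytes, written in hex, and pulls out the MAC addresses, IP addresses and ports. The frame is constructed sample data, and the names `SAMPLE_FRAME_HEX`, `format_mac` and `parse_frame` are made up for this illustration.

```python
import socket
import struct

# Constructed sample frame (not a real capture): Ethernet II + IPv4 + TCP SYN.
# MACs are locally administered; IPs come from the RFC 5737 documentation ranges.
SAMPLE_FRAME_HEX = (
    "02005e105566" "02005e10aabb" "0800"   # dst MAC, src MAC, EtherType = IPv4
    "45000028" "1c464000" "4006" "0000"    # version/IHL, length 40, TTL 64, proto 6 (TCP)
    "c0000202" "c6336407"                  # src 192.0.2.2, dst 198.51.100.7
    "c001" "01bb" "00000001" "00000000"    # src port 49153, dst port 443, seq, ack
    "5002" "faf0" "0000" "0000"            # header length + SYN flag, window, checksum, urgent
)
TCP_FLAGS = ((0x02, "SYN"), (0x10, "ACK"), (0x01, "FIN"), (0x04, "RST"))


def format_mac(raw: bytes) -> str:
    return ":".join(f"{byte:02x}" for byte in raw)


def parse_frame(frame: bytes) -> dict:
    """Decode the Ethernet, IPv4 and TCP headers of one frame into named fields."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"dst_mac": format_mac(dst), "src_mac": format_mac(src)}
    if ethertype != 0x0800:          # only IPv4 is decoded here
        return info
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (ip[0] & 0x0F) * 4         # IPv4 header length in bytes
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 header length")
    info["src_ip"] = socket.inet_ntoa(ip[12:16])
    info["dst_ip"] = socket.inet_ntoa(ip[16:20])
    if ip[9] != 6:                   # protocol 6 = TCP
        return info
    tcp = ip[ihl:]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    info["src_port"], info["dst_port"] = struct.unpack("!HH", tcp[:4])
    info["tcp_flags"] = [name for bit, name in TCP_FLAGS if tcp[13] & bit]
    return info


if __name__ == "__main__":
    for field, value in parse_frame(bytes.fromhex(SAMPLE_FRAME_HEX)).items():
        print(f"{field:10} {value}")
```

Every field printed here sits unencrypted in the packet headers, which is why anyone who can capture the traffic can read it.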

What this means

If you have been following my articles you should know that there are many, many, many ways that people and government agencies could get your private information, and one of these ways is packet sniffing on a network.

This is where they can get all the information associated with your computer so that they can do malicious things to it. Now there is no way that you can simply not have this information go out, because it is essential for computers to talk to each other, and for you, the reader, to be able to actually read this article. But just as others could be sniffing on your network, you could be too, so that once you familiarize yourself with Wireshark and the languages it speaks, you'll be able to see if someone is sniffing on your network trying to get access, and stop them.

In part five of my series Introduction to Common (and not so common) Cyber Threats, I will explain a technique that bad guys and the government use to collect your information with Wireshark and how to guard against it, as well as some basic security settings you can use for your wireless router.

    Until then, I look forward to seeing your comments, and as always, Train to Survive!

 Joshua


©2014 Vanguard Survival, LLC

All Rights Reserved