Sunday, February 14, 2016

Why can't monitor-mode sniffers be detected?

I answered this Super User question today. It asked about network sniffers that are in monitor mode, i.e. just listening to the Wi-Fi radio signals. Such sniffers are particularly insidious because it's not possible to see that they're listening. See, they're just hearing the same radio signals as legitimate clients, and to do that, they don't have to send anything. With nothing being sent, there's nothing for security tools to look for, and no way to know that bad things are in play.

A similar attack on wired connections would involve a physical splitter. Since that device would operate at the physical layer - the world of electrical signals on the literal wire - no network appliance would see anything different.
