Situation:

  1. There is a router at home, it distributes wifi + to the router via a wire a laptop is connected, the wifi network is password-protected;

  2. The attacker gets access to the wifi network, and gets access to the admin panel of the router;

  3. The attacker can already without straining to listen to all traffic passing through a wireless connection wifi.

Questions:

  1. Can an attacker listen to the traffic of a laptop that is wired?
  2. How to secure a wired and wireless connection in this situation?
  • The provider has a legally required “black box” with SORM equipment, which allows listening to the traffic of any subscriber of this provider. Who and how has real access to this equipment, and how (well?) Is it really protected an open question. Maybe an acquaintance working for a contractor dealing with this equipment will give you a technical password for a friend? Eavesdropping traffic can be anywhere between your laptop and the other "end." Look at the question wider. - Sergiks
  • Password change and restart router - Darth
  • I read about the wifi hacking method, where the network adapter was switched to monitoring mode, then finding the client's wifi network, sent him a packet on behalf of the router with a request to reconnect, then the device reconnected to wifi and the password packet was dropped by the attacker. If it’s so easy to get a password, does it make sense to increase the complexity of the password? - Alexey
  • In practice, the password is encrypted, much depends on the complexity of encryption. WEP is hacked in a couple of seconds, WPA / WPA2 - in a couple of years. - val
  • And, to be precise, a packet was sent with a message about the disconnection (disconnect-attack). - val

1 answer 1

The answer to the first question: yes, it can. For this, and access to the admin panel of the router is not necessary. An attacker can listen to wi-fi traffic and so, without hacking (not really straining).

The answer to the second question: if you do not want to sit through your router, change the password. If "let them sit" - use encryption wherever possible (https instead of http on the web, if the site supports).

  • I thought that the wiretapping can occur only by the category of connecting devices, i.e. if a wireless connection is hacked, then you can only listen to the wireless traffic, if you connect to the wired one, then only the wired one, correct me if I'm wrong. - Alexey
  • The router sends packets to everyone, accept only those to whom they were intended (and those to whom they are interesting). - val
  • It remains only to connect directly, bypassing the router and hope that along the way, no one has connected to the wires))? - Alexey
  • However, in most cases, the external router, that is, a separate one, connected to the main one, filters packets not for devices. The easiest way to check is nmap 192.168.0.1/24 (sometimes 192.168.1.1/24) on a wi-fi device. - val
  • Thank you @val! Not for the sake of a dispute - nevertheless, it remains unclear how you can listen to the wifi traffic, get access to the traffic that was transferred to the router via Ethernet, can you tell me where it is clearly written? Ethernet packets, as I understand it, will not appear in the air? - Alexey