Attackers can sniff Wi-Fi networks in monitor mode to intercept the data without connecting to the router. Is it possible to check if somebody is sniffing my network?
Asked
Active
Viewed 5,114 times
2 Answers
34
No, they're just getting the radio waves out of the air. As long as they're not sending anything, you can't tell that they're receiving. (It's like how FM radio stations can't tell who or how many people are listening.)
I have heard that some wireless access points can direct the radio signals to the appropriate clients, which is pretty neat, but you shouldn't rely on just physical location for information security.
If you're concerned about people sniffing your wireless traffic, enable encryption/authentication and use a strong password. Even better, encrypt important traffic at another layer (TLS/HTTPS) so even the access point can't see anything sensitive.
Ben N
- 42,308
0
I would say "You can sometimes detect sniffers".
I.e. It is possible for a sniffer to work in a careful enough manner that they are practically invisible. But as noted at Can I detect sniffers in monitor mode on my Wi-Fi?:
- some wifi implementations leak information, e.g. apparently some wifi chipsets from Cisco and Atheros would emit management frames even in monitor mode
- some sniffers (either humans or their tools) use information they observe in ways that expose their knowledge and thus their practices, etc. Setting up a honeypot might lead them to expose their sniffing behavior. For example, you could share some credentials in an unencrypted connection to a sensitive-sounding website, and then monitor that site or account to see if the sniffer tries to exploit that info e.g. by logging in.
nealmcb
- 604