WireShark Sniffing The Network

Yesterday I was reading the usual introductory security info stressing the importance of not sending passwords across the network in cleartext where they could be intercepted.   I pondered how hard it would be to find a password that way.   So I decided to try to capture my own password.

First I d/l and installed wireshark

# apt-get install wireshark

Then I ran wireshark from the command line as root so it would be able to open the network devices

# wireshark

In and among my usual web browsing I’ve been watching what sort of traffic flows on my network.   Wireshark is a truly excellent sniffer.   This weekend sometime I will setup a sniffer to follow all traffic on my network going to a website that I use that does not encrypt passwords and capture my own password.   I suspect it will be a simple thing to do.

(UPDATE : It was simple…. https://bitznbitez.wordpress.com/2012/03/03/stealing-passwords-or-why-encrypted-connections-matter/ )