How to Securely Sniff Wi-Fi Packets with Sniffglue

How to Securely Sniff Wi-Fi Packets with Sniffglue

Sniffing packets over a network is an easy way for hackers to gather information on a target without needing to do much work. But doing so can be risky if sniffing packets on an untrusted network because a payload within the packets being captured could be executed on your system. To prevent that, Sniffglue sandboxes packet sniffing to provide an extra layer of security.


Passive sniffing is stealthy and effective, making it the obvious first step for hackers and pentesters putting together information about a target network. But if you've ever run Wireshark as root before, you might have seen a warning against running it as root. That's because doing so can put your computer at risk, and running a program as root and then having it being hijacked by a zero-day vulnerability is a real risk when capturing random radio traffic.



It's very unsecure running Wireshark this way as every possible Wireshark exploit will be running with the administrator account being able to compromise the whole system.


Wireshark

That means that if an exploit for Wireshark is found or known to some already, that exploit will be able to run as root on your computer if you run Wireshark as root. Because we deal with so many unknowns when receiving radio data, it's essential to take steps to minimize the damage that could occur.


The proper way to avoid radio zero-days is to set up a user that can use the network adapter but can't execute as root. However, it can be confusing for someone setting things up their first time.


For anyone interested in packet sn ..

Support the originator by clicking the read the rest link below.