Look for the email traffic & recombine the packets to follow the conversation, but you still cannot read https traffic.Īll you will be able to find is passwords or form values for websites that do not use https.Decrypt the wifi traffic (you need the network key for this since wifi itself is encrypted (WEP, WPA, WPA2 etc).Monitor in promiscous mode on the same wifi channel as the network.You can try viewing the network traffic to find passwords for these services, but it is very involved… That should prevent the mail being sent in plain text across the network, however email is inherently insecure as a service (it bounces from mail server to mail server with to & from addresses visible) so the kids may be better off using iMessage or another chat service that has some level of encryption / privacy. If they are using an email client like Apple Mail check the settings again for each mail server, there are options to only use the specific server, and only use secure protocols (SSL,TLS…). Explain to the kids why the 'green lock' in the address bar (indicates https) is important for reading email or any other 'private' data.ĭo the same with search engines (so their searches may be 'invisible' to the local network). Bookmark the https url for the child, and remove any http urls for the same site so they are less likely to use http by accident. When logged in does the website remain on https, if it goes to http instead the email content could be visible on that network. Some providers will only allow login via https which is secure, http is not secure, these can usually be 'forced' with account settings. If it is via webmail in the browser (or a 'browser based' app) look for account setting to only use https. Look at the devices - how are they accessing the email? You can 'live boot' the Mac from a Kali USB stick if you don't want to install it but it is another few hundred things to learn ! had some wifi & wireshark tutorials that will be going out of date, but possibly relevant to a newbie □ They have all the correct tools built in with many tutorials all over the net. Kali Linux or another 'penetration testing' Linux distro. The Mac OS isn't really designed for this & I think you would be better off selecting the right tool for the job, e.g. It all sounds a little dubious, but not necessarily illegal provided you own the devices, network & everyone using the network knows this is happening too. There are systems in place that prevent you seeing passwords in plain text (like https which should be used for any sensitive data nowadays). The ones used to connect to the network? Or ones sent over the wifi to services like iCloud or other websites?īoth need a different approach & there is every possibility you cannot find them without having to 'intervene' on the clients.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |