Back to all activities

Network Traffic Analysis

Summary

Any content that is sent out over the network without encryption is easy to intercept; this includes email, web passwords, and chat messages.

This attacker could be someone, such as a patron of the Internet cafe where a staff member is working, who just happens to be using the same local network to connect to the Internet. Or, she could work for an organization with privileged access to the relevant network, such as the Internet Service Provider (ISP) of either the sender or receiver and other network-backbone connections made along the way.

Considerations

    • Treat captured network traffic with the utmost security and empathetic responsibility. They may contain very personal data, passwords, and more. These should not be shared except in specific, intentional samples with anyone, including the organization itself.

Recommendation

    Only use services with "SSL" encryption ("HTTPS"), and consider adding HTTPS Everywhere to browsers. This does not itself guarantee protection from all attacks, but it is a good first-step in protecting information (such as passwords or email) in transit from your computer to the service provider.