4 Comments
User's avatar
Dave Woolcock's avatar

How can I tell if any devices on my residential network have been compromised?

Pierluigi Vinciguerra's avatar

That’s a good question and it’s not that easy to understand. Usually you should put a “Man In The Middle” between your device and your exit node to the internet (the router usually) and intercept unwanted traffic.

Dave Woolcock's avatar

It’s been years since I’ve done this… for a wired connection u need to patch in a hub that can do port replication, then record the traffic on a laptop plumbed in to the duplicated port and look at it with Wireshark. Is that right? What about WiFi connections?

Pierluigi Vinciguerra's avatar

You can use HTTP Toolkit; you install a listener and an SSL certificate on the device you want to monitor. Then you route its traffic to a specific port of the listener and you're good!