LAN security and sniffing

Hi Everyone,
I don’t know if that’s proper section of forum, but to the point.

Yesterday I used 2 computers to make telnet connection in school. They were next to each other. IP

I launched wireshark and I wanted to see telnet packets and It worked I saw commands I typed :slight_smile:

But, Is it possible to sniff these packets by another computer in classroom for example is at the end of the classroom)

I think that would be impossible because There is a managed switch, as we know switch sends packet to destination port unlike Hub that directs packet to all ports.

Could anyone give an opinion?


if all PC’s are connected to the switch, including the two that are right next to each other … why would you expect the switch to interfere ?

or are the two that are next to each other connected in some other way that doesn’t go via the switch ?

All 10 PC’s are connected to management switch Netgear,

Technically is it possible to sniff packet that not directed to you?
For example I’m
And other 2 PC(for example192.168.100.20, communicate each oder(by telntet) excluding me.
You know I don’t take part in communication between them.
As we know switch for example get packet from and has to sent it to receiver.

So I suspect that’s impossible to sniff packet that’s not directed to you, in case when you’ve got a hub that would be possible because it sends packets to everybody.
Am I correct? :slight_smile:


Wysłane z mojego OV-V10 przy użyciu Tapatalka

I’m still wondering why you’d think ↔ switch ↔

would work, but ↔ switch ↔

wouldn’t … as they both go via the switch ??

I attach explanation from one page

"Each serves as a central connection for all of your network equipment and handles a data type known as frames. Frames carry your data. When a frame is received, it is amplified and then transmitted on to the port of the destination PC. The big difference between these two devices is in the method in which frames are being delivered.

In a hub, a frame is passed along or “broadcast” to every one of its ports. It doesn’t matter that the frame is only destined for one port. The hub has no way of distinguishing which port a frame should be sent to. Passing it along to every port ensures that it will reach its intended destination. This places a lot of traffic on the network and can lead to poor network response times."

I mean frames in switch are like multicast,unicast. Frame is delivered from one PC into another PC that is connected to port in switch.

Meanwhile hub is like broadcast, it handle frames to all ports.

I believe when we’ve got a switch it is impossible to sniff, hear frames, packets, using Wireshark because you’re not a receiver.


Wysłane z mojego OV-V10 przy użyciu Tapatalka

I’m not questioning the documentation…

What I can’t get my head around is why you say it DOES work between 2 PC that have the switch between them

but you think it WOULDN’T work between two different PC’s that only have the same switch between them

that doesn’t make sense … in your example, the network topography is EXACTLY the same between ↔ switch ↔
and ↔ switch ↔
so why would one work, and the other not ?

Ok Mark, I’ll find out packet sniff at Monday. And I’ll let you know.

Wysłane z mojego OV-V10 przy użyciu Tapatalka

or are you saying that and are connected via a hub (which is in turn connected to the switch) … but is on the other side of the switch without being on the same hub ?

No no, everything is connected to one switch and there’s no Hub.

Wysłane z mojego OV-V10 przy użyciu Tapatalka