Me and my roommate have to use wireshark for some assignements in our university. So far i only know how to sniff traffic between my laptop and network. We are connected to the network via switch.
One day we were wondering:
If it was for me to listen to the traffic of my roommates laptop and vice versa?
Is it possible?
You could configure a pc that has two lan cards as a bridge, set it between the switch and uni-network and listen to all traffic going over that port.
In order to recieve other packets you need to enable a certain option in Wireshark, don't remember the name though.
In Germany they can jail you, just because you thought about sniffing. 
I thought in a switched network, you cant listen to packets which are for other ip's than yours.
Is it possible?
short answer: nope.
On the other hand there seems to be tools like arpspoof, which allow it somehow, but here is where it gets complicated :)
http://users.tkk.fi/autikkan/kerberos/docs/phase1/pdf/LATEST_hijacking_attack.pdf
Empire Phoenix said:
You could configure a pc that has two lan cards as a bridge, set it between the switch and uni-network and listen to all traffic going over that port.
I've never lived in a dorm but from what I've seen, the switches are almost always in a data closet somewhere in the hallway. I'm not sure that brute-forcing a lock to physically place a computer somewhere is what he had in mind ;)
Bit late to the discussion - but basically no you can't with wireshark/ethereal.
Thats not to say its impossible tho, but it does require a fair bit of effort. You have to somehow spoof the switch into believing that you are a gateway between you and the target machine(s) using arp spoofing - but the methods you need to do this could be detected by a competent sysadmin - and then you are deep in the sh1t.
I always wanted to be a "hacker", but never had the balls to try it myself, so am not talking from experience - so unless its your own network, play safe and stick to "No you can't do it" :)
p.s. I'm also probably 10 years out of date - but hey
Isn't it a hardware thing? When packets are sent, they naturally arrive at all hosts, but only the designated recipient uses the packet. This happens on the hardware level, but through some low-level modifications it is possible to disable this option, causing the machine to be able to detect packets that it was not intended to receive.
Momoko_Fan said:
Isn't it a hardware thing? When packets are sent, they naturally arrive at all hosts, but only the designated recipient uses the packet. This happens on the hardware level, but through some low-level modifications it is possible to disable this option, causing the machine to be able to detect packets that it was not intended to receive.
http://en.wikipedia.org/wiki/Packet_sniffer
I believe that this is largely ignoring VLANs. This whole thread is really blaine's area of expertise though :)
hello, i'm new to the forum, but i know some about this stuff via the Hak5 podcast.
from what i've heard, you specifically can't sniff other packets on a switch whereas you can if you're on a hub.
the only exception is if you "overload" the switch causing the packets to spew to everyone (to my understanding).
obviously i've never tried it myself.
arpspoof tells other IPs that you are the router and tells the router that you are the other IPs. this will work on most people since you generally don't think about being intercepted.
I'm sure his assignment is long since completed, but its still an interesting thing 
The big problem with ARP spoofing not really mentioned is that a lot of universities require you to 'register' your computer to your account name. I'm not sure if this happens, but it wouldn't surprise me if they were tying your IP to your MAC address at the same time. You could always spoof your MAC then, but I think you'd be more vulnerable to discovery then due to the increased likelihood of routing problems…