I have been having a bit of fun snooping my wifi network. Its easy since I know the WPA key, I poison the targets arp, then I can sniff all transported passwords, and even more fun, I can hijack the SSL certificate, present my own to the target and capture the should be encrypted passwords in clear text. All good stuff..
however sitting on my desktop pc, which doesn't even have a wireless card in it I can also see my passwords transported on the laptop running the sniffer (which has no wired connection only wireless).
I don't understand how that can work. My PC is on a different subnet than the wireless LAN. My PC is also behind a hardware firewall with no connection to the wireless router.
The wireless/adsl router is a cheap DLINk unit, but are they trying to tell me this whole time even my wired connections are being broadcast out the radio?? To me that is a huge security issue..
Anyone seen the same behavior before? what can i do to stop this? chuck the dlink?
Flamer.