Discussion:
about wireshark
(too old to reply)
santo
2022-08-29 10:32:59 UTC
Permalink
Hi all,
can one I use wireshark as user or I must be root?
Thank you in advance
Santo
Bit Twister
2022-08-29 12:26:57 UTC
Permalink
Post by santo
Hi all,
can one I use wireshark as user
$ type wireshark
wireshark is /usr/bin/wireshark
would suggest anyone could run it.

Have you tried it yet ?
Post by santo
or I must be root?
Thank you in advance
It might not hurt to add your login name to the wireshark group, log out/in
and check for it with
id -nG

For any lurkers you might also create the systemd-journal group if it does
not exist and add your login name to it while you are in group management tool.

That will allow you to use journalctl to access the system journal without
having to be root.
santo
2022-08-29 13:07:56 UTC
Permalink
Post by Bit Twister
It might not hurt to add your login name to the wireshark group,
yes, I added my name to wireshark group and ...well, it works...but I
have no idea what to do..
:-(

Sorry, som Off Topic background...
I do not know if people remember my name here, I only post in regard to
installing new Mageia version and am veri ignorant about how things works
etc...anyway...
Auroville is going through some difficult time, there is an attempt by
Government Official and some 'Aurovilians' to take over the management of
Auroville...

Some of these Aurovilians with Gov Off. help, took over the management
of the @auroville.org.in ...I ( we ) from the other side were informend
that our email ID was not safe to use anymore as now the new management
could look into our mails etc...

In fact for sometime I could not access my Google Drive and when trying
to log into my email account I was logged out immedietely ( 'you have
been logged out' message appeared for at least 3 times...)

When I finally managed to log in a message appeared stating that the
domain auroville.org.in was now managed by xxxxc (forgot ...)but the
message clearly stated that this xxxx had now the possibility to look
into datas in my mail box...

I wish I had taken a screen shot of that message ...


Now I can log in but obviously I am very unsure and do not wish to use it
but all my contacts are there...of course I created a new gmail ID but
still...
:-(

( which I will replace in this group)...

ANyway, apologies for this long OT post...I was just trying to find
something that could help, me if and when, someone was logging into my
mail box and record it so that I could sue them, I thought Wireshark was
such option maybe, but it is all way beyond my level...

just disregard if way of topic...and apologies for ...well whatever...

Santo
Post by Bit Twister
For any lurkers you might also create the systemd-journal group if it
does not exist and add your login name to it while you are in group
management tool.
That will allow you to use journalctl to access the system journal
without having to be root.
Bit Twister
2022-08-29 13:52:31 UTC
Permalink
Post by santo
Post by Bit Twister
It might not hurt to add your login name to the wireshark group,
yes, I added my name to wireshark group and ...well, it works...but I
have no idea what to do..
:-(
wireshark allows you to read/collect actual packets sent to/from your
system.
Post by santo
Sorry, som Off Topic background...
I do not know if people remember my name here, I only post in regard to
installing new Mageia version and am veri ignorant about how things works
etc...anyway...
Auroville is going through some difficult time, there is an attempt by
Government Official and some 'Aurovilians' to take over the management of
Auroville...
Some of these Aurovilians with Gov Off. help, took over the management
that our email ID was not safe to use anymore as now the new management
could look into our mails etc...
Yep, whoever owns the server has access to all data on the system.
Post by santo
In fact for sometime I could not access my Google Drive and when trying
to log into my email account I was logged out immedietely ( 'you have
been logged out' message appeared for at least 3 times...)
Yep, could be a system configuration problem and the login authorization
service/daemon may not be running/working and you are not getting the
right/correct message failure.
Post by santo
When I finally managed to log in a message appeared stating that the
domain auroville.org.in was now managed by xxxxc (forgot ...)but the
message clearly stated that this xxxx had now the possibility to look
into datas in my mail box...
Well I would not expect the xxxx organization to post such a message.
going to guess xxxx organization is the cause of the login problem.
Post by santo
I wish I had taken a screen shot of that message ...
Rather than a screen shot, I use import to select/save a desired portion of
of my screen. import is in the imagemagick package/rpm.
Post by santo
Now I can log in but obviously I am very unsure and do not wish to use it
but all my contacts are there...of course I created a new gmail ID but
still...
:-(
Then I suggest saving contacts and whatnot so you always have them regardless
of who you use.
Post by santo
( which I will replace in this group)...
ANyway, apologies for this long OT post...I was just trying to find
something that could help, me if and when, someone was logging into my
mail box and record it so that I could sue them, I thought Wireshark was
such option maybe, but it is all way beyond my level...
Wireshark will not show you what you want unless they are using your system.
If I had your email id/password I could log into it and Wireshark would not
show any traffic/packets of such activity.
santo
2022-08-30 08:07:12 UTC
Permalink
Well to close the tread...
Post by Bit Twister
Yep, whoever owns the server has access to all data on the system.
so my fears are not unfounded
:-(

for the Google Drive...

The admin of the google drive ( through Telegram ) I have subscribed to
showed me with a screen shot he took that the auroville.org.in domain was
not allowed to access it...it seems is legal and institutions like
Universities etc...block their email domain to be used outside their
campus...

( By the way, ust a drive to share italian comics and old movies and TV
series...)

changing the email solved the problem
Post by Bit Twister
Well I would not expect the xxxx organization to post such a message.
It was a pop-up small window and the meaning was clearly that one...

Anyway, thanks for your help, as usual very appreciated...
Santo
David W. Hodgins
2022-08-29 13:59:08 UTC
Permalink
Post by santo
Post by Bit Twister
It might not hurt to add your login name to the wireshark group,
yes, I added my name to wireshark group and ...well, it works...but I
have no idea what to do..
:-(
Sorry, som Off Topic background...
I do not know if people remember my name here, I only post in regard to
installing new Mageia version and am veri ignorant about how things works
etc...anyway...
Auroville is going through some difficult time, there is an attempt by
Government Official and some 'Aurovilians' to take over the management of
Auroville...
Some of these Aurovilians with Gov Off. help, took over the management
that our email ID was not safe to use anymore as now the new management
could look into our mails etc...
In fact for sometime I could not access my Google Drive and when trying
to log into my email account I was logged out immedietely ( 'you have
been logged out' message appeared for at least 3 times...)
When I finally managed to log in a message appeared stating that the
domain auroville.org.in was now managed by xxxxc (forgot ...)but the
message clearly stated that this xxxx had now the possibility to look
into datas in my mail box...
I wish I had taken a screen shot of that message ...
Now I can log in but obviously I am very unsure and do not wish to use it
but all my contacts are there...of course I created a new gmail ID but
still...
:-(
( which I will replace in this group)...
ANyway, apologies for this long OT post...I was just trying to find
something that could help, me if and when, someone was logging into my
mail box and record it so that I could sue them, I thought Wireshark was
such option maybe, but it is all way beyond my level...
just disregard if way of topic...and apologies for ...well whatever...
Santo
Post by Bit Twister
For any lurkers you might also create the systemd-journal group if it
does not exist and add your login name to it while you are in group
management tool.
That will allow you to use journalctl to access the system journal
without having to be root.
Wireshark only allows you to capture traffic that is visible to the network
interface on your computer.

The admin is correct to warn you, that anyone who has physical access to the
computer(s) used by auroville.org.in can read anything stored on those hard
drives. Whether they will or not, is another story. One that you cannot detect
from your computer. That's true any time your stuff is stored on some one
else's computer, whether its auroville.org.in, google, yahoo, or others.

For google drive, the admin of auroville.org.in would only be able to see that
your computer is connected to google, not what you are doing with it. Just like
auroville with the email stored on it's hard drives, google can read anything
that is not encrypted, that is stored on it's drives.

When you connect to https://drive.google.com/drive/my-drive the connection is
encrypted between google and your computer. The admin can see that you're using
drive.google.com, but can't snoop on your login etc. If the password is not
sitting in your email inbox at auroville.org.in then they cannot impersonate
you.

If you don't want stuff that is stored on some one else's computer to be readable
by it's admins, make sure it's encrypted, and only decrypted after it gets to your
computer. That in itself may make you a target of investigation though, depending
on the circumstances.

Regards, Dave Hodgins
santo
2022-08-30 08:13:58 UTC
Permalink
Post by David W. Hodgins
The admin is correct to warn you, that anyone who has physical access to
the computer(s) used by auroville.org.in can read anything stored on
those hard drives. Whether they will or not, is another story. One that
you cannot detect
from your computer. That's true any time your stuff is stored on some one
else's computer, whether its auroville.org.in, google, yahoo, or others.
For google drive, the admin of auroville.org.in would only be able to
see that your computer is connected to google, not what you are doing
with it. Just like auroville with the email stored on it's hard drives,
google can read anything that is not encrypted, that is stored on it's
drives.
When you connect to https://drive.google.com/drive/my-drive the
connection is encrypted between google and your computer. The admin can
see that you're using drive.google.com, but can't snoop on your login
etc. If the password is not sitting in your email inbox at
auroville.org.in then they cannot impersonate you.
If you don't want stuff that is stored on some one else's computer to be
readable by it's admins, make sure it's encrypted, and only decrypted
after it gets to your computer. That in itself may make you a target of
investigation though, depending on the circumstances.
Regards, Dave Hodgins
Thanks David, help and explanation very appreciated...my only concerns
was and is that they could detect and read the emails that I am
exchanging with my friends about the situation here in Auroville, I have
nothing illegal or dubious in my mail box.

he google drive is about exchanging accessing old italian comics , movies
and tv series...and I thought that there is an encription that is there
by default so no need from my side to check, but it seems that I must be
sure about it...
Will look into it.
Thank you again and end of the tread
:-)
Santo

Loading...