What Can Your ISP See? - What Your ISP Knows About Your Internet Activities

Подписаться 17 тыс.

Просмотров 17 тыс.

50% 1

In this video I show you just what information your internet provider (ISP) can determine from analyzing your traffic. This includes what websites you visit, and in some cases just what you're doing on this websites.
I also cover what benefits VPNs have to safeguard your traffic, while explaining that absolute privacy on the internet doesn't really exist.
Useful links:
Support the channel:
buymeacoffee.c...
Discord:
/ discord

Опубликовано:

26 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 65

@Mbro-dq2do 3 месяца назад

Amazing video dude! I love the simple straightforward explanations.

@m4a1mag 3 месяца назад

ur videos are crazy good i could watch em all day

@plaintextpackets 3 месяца назад

Glad you like them!

@ren3059 3 месяца назад

Your channel is underrated and extremely helpful. I'm curious if using Quad9 DoH (DNS over HTTPS) or DoT (DNS over TLS) makes a difference compared to using a VPN?

@plaintextpackets 3 месяца назад

Secure DNS is helpful as it encrypts the queries so your ISP (or other snoopers) wouldn’t be able to see them on the wire. But the owner of the DNS server will so that’s the trade off

@Aksubs807 3 месяца назад

Sorry, but I don't know much, the DoH and DoT are used to encrypt DNS queries and responses right?. As these queries are encrypted, ISP can't see DNS query responses, but after my machine got the DNS response, now the ISP will know "Where" I'm going, cause now the ISP has to route the traffic to that destination server. Is this true???

@claussanta2341 3 месяца назад

Think of sending a package to someone. Works "kind of" the same. If the 📦 isn't see through ISP just sees the destination address etc. Make yourself a pihole and look up your DNS traffic. Interesting to see, really.

@CommsGuy 3 месяца назад

Watching your video made me start thinking that an ISP should be able to see your search terms as well (when you use any search engine) because those search words are part of the URL. I never thought about that before.....

@plaintextpackets 3 месяца назад

That part they actually can’t as the URL path after the domain isn’t available in plaintext. They’ll see the DNS query for the search engine and the TLS connection to it but that’s it

@CommsGuy 3 месяца назад

@@plaintextpackets Cool. I didn't realise the path wasn't plaintext. I've done a fair amount of wiresharking but never looked into the URL path. Thanks :)

@xEndless11 3 месяца назад

The data traffic can be read by the Device over which the traffic is routed, i.e. in this case the gateway. Even if you are using a secure HTTPS connection, the probability is very high that the Google inputs in the search as well as your access data to which pages can be seen as plain text in the recording.

@plaintextpackets 3 месяца назад

Wireshark records the data as its leaving to the network adapter so everything that will be encrypted by the application layer is already encrypted.

@jwilk2107 3 месяца назад

Excellent video brother...👍

@plaintextpackets 3 месяца назад

Thanks 👍

@shaunrowley7230 3 месяца назад

Thank you a very interesting video and agree about VPN's as from what I have read need to ensure that the VPN service you use does not log your where and what. Another source such as Network Chuck has suggested using Proxy Chains to hide your identity would this be detectable in wireshark?

@plaintextpackets 3 месяца назад

There are many vpn services that advertise they don’t log, but frankly I don’t trust that. TOR (a proxy chaining solution) is the closest thing to true privacy but the trade off is performance which is horrible

@TecraTube 3 месяца назад

network chuck is a douche.

@OH2023-cj9if 3 месяца назад

They all do, they have to by Law in the UK. If they don't then the Host does, by Law. That's why PIA removed UK servers.

@johnneisler6552 3 месяца назад

Host your own vpn server on digital Ocean(any server hosting platform will do) make sure it is encrypted with aes 256 bit encryption. Openvpn is a good option

@plaintextpackets 3 месяца назад

This is possible, the cloud provider though can see what that VPN is accessing and knows your identity. But it is a stronger option

@Mbro-dq2do 3 месяца назад

thank you so much

@plaintextpackets 2 месяца назад

You're welcome!

@collinhowell2064 3 месяца назад

DNS over TLS? it would encrypt your traffic to DNS, most home routers can do it.

@AvacadoJuice-q9b 3 месяца назад

Is DoT better of DoH?

@njpme 3 месяца назад

@@AvacadoJuice-q9bdoesn't really matter.

@aaronletchford 3 месяца назад

Would pi hole solve privacy, and stop the isp seeing your traffic

@plaintextpackets 3 месяца назад

Solves some, I will cover this in a video coming soon

@zadekeys2194 3 месяца назад

No. :) That's what DNS over Https or TLS is for :)

@zadekeys2194 3 месяца назад

Pi hole is just a local server, a middle man if you like. Requests still go to your ISP DNS, unless you configure your DNS to something like 9.9.9 .9or Ad-Guard DNS using secure DNS.

@PracticalPcGuide 3 месяца назад

Very good video. easy to understand and follow. need another wireshark dns analysis tutorial using a program VPN vs vpn as a browser extension vs Tor browser. no dns showing while on tor..

@plaintextpackets 3 месяца назад

Noted

@tyrojames9937 3 месяца назад

YES!👍🏾

@DamjanDimitrioski 3 месяца назад

It knows I tried to connect with my router 1sec each hour, although my wan cable was disconnected and the router was powered off. Their diagnostic tools are poor :D.

@loreyoungtech 3 месяца назад

This is helpful content thanks.

@TecraTube 3 месяца назад

what of your VPN is your own wire guard server on a cloud server? running pfsense as firewall with VPN there as well as the your local machine running client

@plaintextpackets 3 месяца назад

You could do this, that secures the server from logging but the traffic itself can be sniffed by the cloud hosting provider

@pedrol71 3 месяца назад

@@plaintextpackets and what if I deploy my own VPN Wireguard server on my own network, say on a Docker Container or on a Raspberry PI ?

@James-k6z5e 3 месяца назад

Why cant they inspect my device as this would solve my problem as the hackers would be caught but in Australia they are so useless that they lie to sell and investigations into fraud are not properly executed and they are enabling the hackers.

@garylove2836 3 месяца назад

You could always use elons musk starlink with a vpn concentrator and you don’t need isp.

@plaintextpackets 3 месяца назад

Starlink is an ISP

@garylove2836 3 месяца назад

@@plaintextpackets but the vpn concentrator will encrypt the traffic so the isp can’t see.

@plaintextpackets 3 месяца назад

@garylove2836 it’ll encrypt it between your home to the concentrator yes you’re right. From there the company who owns the concentrator or server it’s running on will be able to see

@garylove2836 3 месяца назад

@@plaintextpackets oh I see.

@thienviet3429 3 месяца назад

Can my isp see my full link? I mean my isp is able to see what I am doing from my link, don’t they? 9:08 If not, then I don’t have any questions.

@plaintextpackets 3 месяца назад

They can see the domain but not the full path

@johnycache 3 месяца назад

Do you rate tailsOS?

@anonuser260 3 месяца назад

Trust me or not, they can see your web browser screen if they need to, i have seen it on my own eyes, idc what anyone says. Intercepting packets is nothing compared to this.

@mathieucaron4957 3 месяца назад

They only "hack" criminals (or to spy) I guess... If they see your ip communicating with a terrorist, they would surely hack your pc/phone to get what they need. I don't know how they can do it, that would be interesting to learn 🤔

@Dexter101x 3 месяца назад

You used cloudflare's ip address in this video, lol

@mitchellsmith4601 3 месяца назад

This guy is spreading FUD. All the popular websites use HTTPS, it’s only smaller websites without much traffic which don’t. Why? Because more than ten years ago, Google announced they would favor HTTPS websites over HTTP websites in their search results, which incentivized almost everyone to use HTTPS.

@plaintextpackets 3 месяца назад

So I actually cover that in the vid, and explicitly state that ‘what’ it is you’re doing is mostly obfuscated by HTTPS these days. I also cover in the next vid how most of those popular websites share data on your activities anyhow via various tracking methods.

@maxvideodrome4215 3 месяца назад

I own an ISP - we don’t look at anything.

@cm98765432100 3 месяца назад

Even With https deep packet inspection can see what type of services your using. What website you are connecting to even after changing dns as the host header is unencrypted(for now).They just can’t see the content.

@plaintextpackets 3 месяца назад

Yeah you can tell a ton about a person just from looking at what they visit and when.

@dadadies 3 месяца назад

Are you censoring me or is youtube censoring me.

@claussanta2341 3 месяца назад

Resolve DNS locally and then proxy out.

@plaintextpackets 3 месяца назад

Your local DNS server still needs to talk to one upstream

@titarch 3 месяца назад

@@plaintextpackets Not if you setup a rDNS (reverse DNS) service. Instead of forwarding request the local dns (e.g. pihole) can use unbound (rDNS) to resolve dns directly from the corresponding authoritative servers. It takes longer but can be cached over time.