[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mostly Apache some Sniffit



Hi,

I actually ran a sniffer test at my work place. We have switches and
really nothing goes. Even more, the switches support VLAN and
MAC-filtering (or whatever it's called), guaranteeing that only approved
MACs can be connected to their appropriate sockets. If you bring a
notebook, you won't even get it connected :-)

Schlomo

On Thu, 11 Mar 1999, James Olin Oden wrote:

> > JOO>> > Today I tried for the first time a Sniffer (sniffit) and I was amazed to
> > JOO>> > see what it can do to our privecy :-(
> > JOO>> > Is there a way to make Alarm when someone try to sniff my Net / Users ?
> > JOO>>
> > JOO>> I don't think so.  The key is to use encrypted communications
> > JOO>> when ever possible.  You can't catch them because they don't
> >
> > In fact, there are a way to detect that your interface is in promiscous
> > mode (needed for sniffing other machines). Search bugtraq archives for
> > more, I don't remember exactly where it is. And about local machine - if
> > anyone got to run sniffer there, you have much bigger trouble, since
> > sniffers are run as root ;) But there's much simpler way t detect it -
> > just looking on ifconfig output should suffice.
> >
> 
> Yes, but with a lap top loaded with a sniffer connected to your network their is
> really no way to detect this, or to secure the system the attacker is using because
> its not necessarily even one of your companies systems.  Plus this has become very
> easy, and cheap with Linux (not that that was anybody's intent).  A couple boot
> disks with the right software, and you can hijack someone's machine fairly easily
> for use other than its proper use.  Really the only thing that comes close to
> prevent sniffer's from achieving their goal in an attacker's hands is encrypted
> communications, or as you said:
> 
> >
> > And then - use ssh instead of telnet, and if you are paranoid - scp
> > instead of ftp, et cetera.
> 
> ....james
> 
> 
> 
> 
>