Date: Tue, 19 Dec 2000 15:42:17 +0200 (EET) From: Dmitry Galyant <diman@asd.kiev.ua> To: Artem Koutchine <matrix@ipform.ru> Cc: security@FreeBSD.ORG Subject: Re: What anti-sniffer measures do i have? Message-ID: <Pine.BSF.4.21.0012191533490.284-100000@ergo.local> In-Reply-To: <00a101c069bb$36b66da0$0c00a8c0@ipform.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
There is no software solution to your 'sniffer problem'. Experienced guys can down interfaces and still listen a traffic, can change MAC to your routers address and do not swith to promisc, etc... So, all anti-sniffs like L0pht's only can help you to be rooted remotely. Only solution is the hardware solution or crypto-solution. Regards, Dmitry. On Tue, 19 Dec 2000, Artem Koutchine wrote: > Date: Tue, 19 Dec 2000 15:57:12 +0300 > From: Artem Koutchine <matrix@ipform.ru> > To: security@FreeBSD.ORG > Cc: questions@FreeBSD.ORG > Subject: What anti-sniffer measures do i have? > > Hello! > > I guess, that there are issue which tend to grow bigger when you ignore > them in the first place. > > So, our network has gotten pretty big and too many people can see what > the should not see. Besdides, all of the people are very technically > advanced > and can easily use something like the new sniffer which even decrypts shh1 > and ssl. > > So, I really need some ideas on how to disable sniffers on the network which > is a typical 10Mbit ethernet build on a bunch of hubs. It consists of > 1) FreeBSD workstations (many) > 2) Windows 95/98/ME workstations (many) > 3) WIndows NT wortstations (some) > > All of the need to intercommunicate: > FreeBSDs work via NFS > Windows (all kinds)<->FreeBSD via Samba > Windows9x/ME<->WindowsNT via Samba > > Also , there is local office WEB, SMTP, POP3 and an Internet gatway. > > I am interested in knowing all kinds of solutions to the sniffer problem: > software (preffered) or hardware. I'd like some more generic solution, which > do not require any changed in the existing software configuration and allow > the same functionality as we use now (broadcast can be screwed). > > Help! > > Regards, > Artem > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0012191533490.284-100000>