Date: Tue, 19 Dec 2000 17:22:13 +0200 (IST) From: Roman Shterenzon <roman@xpert.com> To: Dmitry Galyant <diman@asd.kiev.ua> Cc: Artem Koutchine <matrix@ipform.ru>, <security@FreeBSD.ORG> Subject: Re: What anti-sniffer measures do i have? Message-ID: <Pine.LNX.4.30.0012191719290.9585-100000@jamus.xpert.com> In-Reply-To: <Pine.BSF.4.21.0012191533490.284-100000@ergo.local>
next in thread | previous in thread | raw e-mail | index | archive | help
I ported antisniffer to freebsd once (still have patches somewhere), and found it to be completely unusable (it's really alpha quality). Also, their windows version is not much better. I think that cryptography is the key. On Tue, 19 Dec 2000, Dmitry Galyant wrote: > There is no software solution to your 'sniffer problem'. > Experienced guys can down interfaces and still listen a traffic, > can change MAC to your routers address and do not swith to > promisc, etc... > So, all anti-sniffs like L0pht's only can help you to be > rooted remotely. > Only solution is the hardware solution or crypto-solution. > > Regards, Dmitry. > > On Tue, 19 Dec 2000, Artem Koutchine wrote: > > > Date: Tue, 19 Dec 2000 15:57:12 +0300 > > From: Artem Koutchine <matrix@ipform.ru> > > To: security@FreeBSD.ORG > > Cc: questions@FreeBSD.ORG > > Subject: What anti-sniffer measures do i have? > > > > Hello! > > > > I guess, that there are issue which tend to grow bigger when you ignore > > them in the first place. > > > > So, our network has gotten pretty big and too many people can see what > > the should not see. Besdides, all of the people are very technically > > advanced > > and can easily use something like the new sniffer which even decrypts shh1 > > and ssl. > > > > So, I really need some ideas on how to disable sniffers on the network which > > is a typical 10Mbit ethernet build on a bunch of hubs. It consists of > > 1) FreeBSD workstations (many) > > 2) Windows 95/98/ME workstations (many) > > 3) WIndows NT wortstations (some) > > > > All of the need to intercommunicate: > > FreeBSDs work via NFS > > Windows (all kinds)<->FreeBSD via Samba > > Windows9x/ME<->WindowsNT via Samba > > > > Also , there is local office WEB, SMTP, POP3 and an Internet gatway. > > > > I am interested in knowing all kinds of solutions to the sniffer problem: > > software (preffered) or hardware. I'd like some more generic solution, which > > do not require any changed in the existing software configuration and allow > > the same functionality as we use now (broadcast can be screwed). > > > > Help! > > > > Regards, > > Artem > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.30.0012191719290.9585-100000>