Home page logo
/

basics logo Security Basics mailing list archives

RE: switched n/w
From: "Rishi Pande" <rpande () vt edu>
Date: Wed, 8 Dec 2004 14:10:52 -0500


I am by no means any kind of a security expert. But there is a remarkable
difference between sniffing on a network and actually manipulating the
packets that are received the user. 
Also, the switched environment sniffing issue is one I have seen mentioned
several times. Here's a link that may help you some
http://www.surasoft.com/articles/packetsniffing.php

In addition, you may just have a bad switch (hardware issue related) Also,
is there any kind of evidence that this is being done in your internal
network and not outside your network? That may be an issue you want to
investigate. 

Good luck!
        Rishi

-----Original Message-----
From: kaushal [mailto:kaushal () rocsys com] 
Sent: Tuesday, December 07, 2004 1:30 PM
To: security-basics () securityfocus com
Subject: switched n/w

Hi,
   Iam a bit new to network securities.We have a switched network and to
my knowledge a hosts' data cannot be sniffed by other host by runnning
tcpdump.But Iam receiving complaints from few users that their data is
being changed/manipulated.Is this possible?
How can I avoid this at the host level?Does this mean the server has
been compromised?Any help or pointer in this aspect would be highly
appreciated.

thanks in advance.

kaushal.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]