Home page logo
/

basics logo Security Basics mailing list archives

Re: switched n/w
From: H Carvey <keydet89 () yahoo com>
Date: 8 Dec 2004 13:57:32 -0000

In-Reply-To: <1102444223.2139.19.camel () Kaushal>

  Iam a bit new to network securities.We have a switched network and to
my knowledge a hosts' data cannot be sniffed by other host by runnning
tcpdump.But Iam receiving complaints from few users that their data is
being changed/manipulated.Is this possible?
How can I avoid this at the host level?Does this mean the server has
been compromised?Any help or pointer in this aspect would be highly
appreciated.

It sounds like you need to get more information from your users.  What do they mean when they say that their data has 
been changed?  I mention this, as it is entirely possible that there was no sniffing involved at all...one doesn't 
necessarily need to sniff the network in order to compromise a remote host, particularly when passwords are weak or 
non-existant.

H. Carvey
http://www.windows-ir.com
http://windowsir.blogspot.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault