Home page logo
/

basics logo Security Basics mailing list archives

RE: How to stop Admins from sniffing ?
From: "Beauford, Jason" <jbeauford () EightInOnePet com>
Date: Thu, 27 Jul 2006 14:09:51 -0400

swap_tek () yahoo co uk wrote:
Hey List


I work in a small organisation and the system and network
administrators here are constantly monitoring all data in the
network. I have seen them running Etherreal on their systems and from
their talks i am sure that they know who is doing what. I m using
windows XP and i have a personal firewall installed which pop's up
every few minutes saying that there is a port scan attack going on.
And when i looked up that IP address it belongs to tbe system being
used by the administrator. I have tried talking to my bosses about
this but not happened ( maybe the admins convinced them that they are
not doing anything like that or its happening by bosses permisson). 
i know since they are in same network as me its easy for them to
sniff all traffic and everything.           


What i want to know from you ppl is that is there is anyway way to
stop this ? is it possible for me to encrypt all traffic going out
from my system ?  

I have never used a Anti-Sniffer but can they help ? any way out ?


Thanks in advance

Jeff

Hey Jeff.

Firstly, I want to say that you are going about this the wrong way.
Your Network Admins are not out to sniff your traffic only, or are
targeting you for any particular reason (that is unless you are doing
something "wrong" which has raised a red flag).  They are most likely
simply trying to protect and secure their network.  The fact that you
have chosen to install a personal firewall only makes things more
difficult for them and actually tells a lot about the nature of the
existing security.  My recommendation is to uninstall that personal
firewall, run up to your Network Admin and let them know that you have
Administrator privileges on the machine so that he can revoke them
immediately, thereby protecting both your operating system and his
network from malicious software (virus, worm, trojan etc...) that may
require admin privs to install and propagate.  Better yet, ask for a job
in IT if you're that interested.  It's this kind of inquisitiveness and
motivation that can propel you into a successful career in IT.

By looking to encrypt your traffic/files etc.., and looking for ways to
block packet sniffing, one can infer that you are doing something you
shouldn't be.  This could be putting your network at risk and you may be
in violation of your Company's "Appropriate Usage" policy, if they have
one.  I'd be careful about foiling your Network Admin(s).  It is their
job to ensure the integrity, security and availability of that network
and your hindrance may get you into some hot water when you are
discovered.

I'm quite sure this is not the answer you were looking for, but as a
Systems Admin, I know how these things can work out.


Kind Regards,


JMB.

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]