Home page logo
/

basics logo Security Basics mailing list archives

Re: How to stop Admins from sniffing ?
From: cc <cc () belfordhk com>
Date: Fri, 28 Jul 2006 10:29:28 +0800

Didn't you write?:
I work in a small organisation and the system and network administrators here are constantly monitoring all data in 
the network. I have seen them running Etherreal on their systems and from their talks i am sure that they know who is 
doing what. I m using windows XP and i have a personal firewall installed which pop's up every few minutes saying 
that there is a port scan attack going on. And when i looked up that IP address it belongs to tbe system being used 
by the administrator. I have tried talking to my bosses about this but not happened ( maybe the admins convinced them 
that they are not doing anything like that or its happening by bosses permisson).  i know since they are in same 
network as me its easy for them to sniff all traffic and everything.


This all depends entirely on your company's policies (computer or
otherwise).  Are  the Sys and Net admins sanctioned by the management
to administer these monitors?

You are, after all, working in a company and not at home and thusly,
you'd have to follow the rules and regulations as dictated by
your company.  I am assuming that the computer you are using is
company property.  In my company,  employees are not told they
can't bring their own notebooks; but they are strictly prohibited
in plugging it into the company network.  The moment they do
that, it is a breach in the network.

Also, by encrypting your traffic, and knowing your sys/net admins are
watching, would you not think they'd suspect something is wrong and
take it as their job to investigate the reasons for your secrecy?
You are doing company-work, are you not?  They know your job nature.
If you feel that your job requires encrypted traffic, then it is
in your best interest to talk to the sys/net admins and the
management.

What i want to know from you ppl is that is there is anyway way to stop this ? 
is it possible for me to encrypt all traffic going out from my system ? 

Take it up with the management and the sys/net admins.  It really
isn't our place to circumvent whatever computer system policies
and protections you have going in your company.


Edmund



---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault