Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 17 Jan 1996 22:49:31 -0700 (MST)
From:      Dave Andersen <angio@aros.net>
To:        ANDRSN@HOOVER.STANFORD.EDU (Annelise Anderson)
Cc:        questions@freebsd.org
Subject:   Re: ethernet packet sniffer.
Message-ID:  <199601180549.WAA00030@terra.aros.net>
In-Reply-To: <01I04NDA9KTU00BJ0X@HOOVER.STANFORD.EDU> from "Annelise Anderson" at Jan 17, 96 07:55:39 pm
next in thread | previous in thread | raw e-mail | index | archive | help 
Lo and behold, Annelise Anderson once said:

> > (Someone else said this next statement)

> >It's worse than that.  Anyone w/ an ethernet connection on your net
> >can read everything going in or out, not just sysadmins or those with
> >root priviledges on your machine.  If you're really worried about
> >security, there's encrypted rlogin and pgp encryption for mail.
> 
> Anyone with an ethernet connection on "my net" can read everything
> (or log it and read it later, search for key words, send it to
> someone else, etc....)
> 
> Question:  what's "my net"?  How do I find out?  Is there anything
> like, say, a radar detector that determines if anyone else is doing
> this on "my net"?

  Your net is any area to which all of your ethernet packets propagate 
(this typically means all of the computers attached to the same ethernet 
as the computer in question).  Generally, packets will be sent 
indiscriminately through most ethernet hubs unless they're specifically 
switched ethernet hubs, some bridges, etc.  Anything beyond your router 
is (generally) not part of "your net".

  The gist of it is that in many ways, the security of your network 
depends in great part on the security of your weakest host -- if someone 
can gain access to any host on your network, they can monitor the traffic 
to/from all of the hosts on your local network.

  I'm not familiar with anything that would let you detect packet 
monitoring, because it's a passive thing; just make sure nobody has 
unauthorized root access to any of the machines on your network (programs 
such as tripwire, a good backup schedule, etc).

> Annelise

    -Dave Andersen

-- 
angio@aros.net                Complete virtual hosting and business-oriented
system administration         Internet services.  (WWW, FTP, email)
http://www.aros.net/          http://www.aros.net/about/virtual/
  "There are only two industries that refer to thier customers as 'users'."

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199601180549.WAA00030>