Q

How to keep packet sniffers from collecting sensitive data

In this SearchSecurity.com Q&A, network security expert Mike Chapple reveals two important actions that can protect users from packet sniffers and other eavesdropping attacks.

What are the best ways to protect users from packet sniffers that can collect sensitive information like passwords?
There are two important actions that can protect users from packet sniffers and other eavesdropping attacks.

First, use encryption! If you encrypt sensitive data and passwords while in transit, you'll render packet sniffers useless.

Encryption can be implemented in a number of ways: SSL (HTTPS) connections to Web servers, encrypted SSL or TLS connections to mail servers, or other application-specific techniques. Alternatively, you can use a virtual private network (VPN) to encrypt entire communications links, regardless of protocol.

Second, use a switched network. In this case, a packet sniffer will only be able to eavesdrop on connections taking place on its own local switch port. If you assign each system to an individual switch port, there simply won't be any packets for the packet sniffer to intercept.

More information:

  • Looking to sniff out problem packets? Contributor Scott Sidel recommends Wireshark.
  • Use a packet sniffer to determine whether an email message is encrypted or not.
  • This was first published in April 2007

    Dig deeper on Network Intrusion Prevention (IPS)

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close