First, use encryption! If you encrypt sensitive data and passwords while in transit, you'll render packet sniffers...
Encryption can be implemented in a number of ways: SSL (HTTPS) connections to Web servers, encrypted SSL or TLS connections to mail servers, or other application-specific techniques. Alternatively, you can use a virtual private network (VPN) to encrypt entire communications links, regardless of protocol.
Second, use a switched network. In this case, a packet sniffer will only be able to eavesdrop on connections taking place on its own local switch port. If you assign each system to an individual switch port, there simply won't be any packets for the packet sniffer to intercept.
Dig Deeper on Network intrusion detection and prevention (IDS-IPS)
Related Q&A from Mike Chapple
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ...continue reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ...continue reading
HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.