Problem solve

How to keep packet sniffers from collecting sensitive data

In this SearchSecurity.com Q&A, network security expert Mike Chapple reveals two important actions that can protect users from packet sniffers and other eavesdropping attacks.

Mike Chapple, University of Notre Dame

What are the best ways to protect users from packet sniffers that can collect sensitive information like passwords?

There are two important actions that can protect users from packet sniffers and other eavesdropping attacks.

First, use encryption! If you encrypt sensitive data and passwords while in transit, you'll render packet sniffers...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

useless.

Encryption can be implemented in a number of ways: SSL (HTTPS) connections to Web servers, encrypted SSL or TLS connections to mail servers, or other application-specific techniques. Alternatively, you can use a virtual private network (VPN) to encrypt entire communications links, regardless of protocol.

Second, use a switched network. In this case, a packet sniffer will only be able to eavesdrop on connections taking place on its own local switch port. If you assign each system to an individual switch port, there simply won't be any packets for the packet sniffer to intercept.

More information:

Looking to sniff out problem packets? Contributor Scott Sidel recommends Wireshark.
Use a packet sniffer to determine whether an email message is encrypted or not.

This was last published in April 2007

Quick fix to Git's fatal 'unable to access SSL certificate' error

How to prevent network eavesdropping attacks

Using dynamic ARP inspection to stop sniffing attacks

VSS Monitoring: Passive and inline monitoring in network packet broker

Please create a username to comment.

How to pass the AWS Certified Security - Specialty exam

Practice AWS Certified Security - Specialty exam questions

Choosing between proxy vs. API CASB deployment modes

3 types of wireless site surveys and how to conduct them

With SASE, security and networking tech come together

New Celona 5G platform nets TechTarget innovation award

How emerging technology fits in your digital transformation

The Open Group, UN tackle government enterprise architecture

5 ways to keep developers happy so they deliver great CX

How to enable and disable Tamper Protection in Windows 10

11 tips to improve Windows 10 performance

Microsoft Pluton chip will secure future Windows PCs

A conference guide to AWS re:Invent 2020

AWS re:Invent 2020 underscores push toward cloud in pandemic

Multi-cloud networking -- how to choose the right path

Dreamforce 2020: Hyperforce shifts Salesforce to public cloud

S/4 Hana projects come off back burner, but skills shortage impedes progress

Openreach claims UK first as it moves from copper to full-fibre in Salisbury

Dig Deeper on Network intrusion detection and prevention (IDS-IPS)

Quick fix to Git's fatal 'unable to access SSL certificate' error

How to prevent network eavesdropping attacks

Using dynamic ARP inspection to stop sniffing attacks

VSS Monitoring: Passive and inline monitoring in network packet broker

Related Q&A from Mike Chapple

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.