Problem solve

How to keep packet sniffers from collecting sensitive data

In this SearchSecurity.com Q&A, network security expert Mike Chapple reveals two important actions that can protect users from packet sniffers and other eavesdropping attacks.

Mike Chapple, University of Notre Dame

What are the best ways to protect users from packet sniffers that can collect sensitive information like passwords?

There are two important actions that can protect users from packet sniffers and other eavesdropping attacks.

First, use encryption! If you encrypt sensitive data and passwords while in transit, you'll render packet sniffers...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

useless.

Encryption can be implemented in a number of ways: SSL (HTTPS) connections to Web servers, encrypted SSL or TLS connections to mail servers, or other application-specific techniques. Alternatively, you can use a virtual private network (VPN) to encrypt entire communications links, regardless of protocol.

Second, use a switched network. In this case, a packet sniffer will only be able to eavesdrop on connections taking place on its own local switch port. If you assign each system to an individual switch port, there simply won't be any packets for the packet sniffer to intercept.

More information:

Looking to sniff out problem packets? Contributor Scott Sidel recommends Wireshark.
Use a packet sniffer to determine whether an email message is encrypted or not.

This was last published in April 2007

How to prevent network eavesdropping attacks

Using dynamic ARP inspection to stop sniffing attacks

VSS Monitoring: Passive and inline monitoring in network packet broker

Wireless carrier security risks: Keeping enterprise data safe

Please create a username to comment.

Privacy-preserving machine learning assuages infosec fears

How Azure, AWS, Google handle data destruction in the cloud

Multi-cloud security strategies rely on visibility, uniformity

How the cloud fractures application delivery infrastructure ops

Why network configuration templates are useful in automation

An automation-first approach enables network predictability

Return-to-office plans stress safety, security, collaboration

6 cognitive automation use cases in the enterprise

5 digital transformation strategies embracing the new normal

Citrix microapps look to ease office reopening

VMware Workspace One unifies reshaped digital workforces

Macs to run on Apple silicon, leaving Intel behind

Review the top sessions from recent cloud conferences

Test your cloud knowledge: VMs vs. containers vs. serverless

Cloud lock-in fears aren't as prevalent as you might think

Cops take out encrypted comms to disrupt organised crime

Between a cloud and a hard place: companies change applications tack

IR35 private sector reforms: Finance Bill vote denies further delays to April 2021 start date

Dig Deeper on Network intrusion detection and prevention (IDS-IPS)

How to prevent network eavesdropping attacks

Using dynamic ARP inspection to stop sniffing attacks

VSS Monitoring: Passive and inline monitoring in network packet broker

Wireless carrier security risks: Keeping enterprise data safe

Related Q&A from Mike Chapple

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.