Problem solve Get help with specific problems with your technologies, process and projects.

How to prevent network sniffing and eavesdropping

Scenario: A hacker wants to glean data from two of your servers by installing network monitoring software. How can you prevent him from getting the data he wants? Learn more in this expert response.

My question is regarding eavesdropping. A client machine (Computer A) communicates with 2 servers (X and Y). The aim of the attacker is to gather the data sent to both servers. If an attacker wants to eavesdrop on both the connections (A - X and A - Y), I suspect he or she would most likely install a sniffer on Computer A. What other patterns of intercepting network data should our organization watch for?

You're correct: Installing monitoring software on the client system (Computer A in your example) is the easiest way to gather all of the information the attacker is seeking. However, there are several other ways this sort of information collection could take place. First, it would be possible to gather the same information by installing monitoring software on both of the servers. Second, the same information could be gathered by sniffing the network connection. Is the network between the client and servers entirely under your control? All of the network devices between the systems should also be considered as possible eavesdropping points.

How can these attacks be prevented? Protecting against monitoring software is a function of endpoint security: Be sure you know what devices are present on your network and that you carefully control the software that is installed on them. You can protect against network-based eavesdropping attacks by using encryption. For example, if the connection between the client and server is Web-based, use HTTPS-encrypted connections to prevent an eavesdropper from reading the content of the communication.

More on this topic

  • Should software be used to monitor networks for blogging activity? Read more.
  • Learn how to prevent eavesdropping on mobile devices in this expert response.
This was last published in August 2009

Dig Deeper on Real-time network monitoring and forensics

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

wys my guy