General discussion


security (sniffer)

By ijere ·
i have a cafe where peole come to surf the net. but i have been looking for a sofware whereby they cannot be able to send sparm mails as well crook mails over the network (my network) t the internet. i have heard about sniffers but can it be of anyhelp?

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

Collapse -

Several Objectives

by Oldefar In reply to security (sniffer)

First off, the "sniffer" is a packet capture and analysis tool made by Network Associates. It is an excellent tool for identifying what the traffic on a network consists of, but it is not a tool for controlling traffic or actions by users. Similarproducts include Etherpeek from Wildpackets and Ethereal from Ethereal.

A packet analyser might be used by one of your cafe customers to capture data sent or received by another user over the same LAN. If you provide the workstations, lock thesedown to prevent a user from installing the software. If you only provide the connection point, consider making each connection as its own VLAN so that traffic is limited to packets to and from that connection.

Spam activity is another issue. Ifyou provide email service then the problem is tackled at the server. If you only provide access, you can block SMTP off your LAN and allow Web access only.

Collapse -


by LordInfidel In reply to Several Objectives

You really don't have to set up each connection as it's own vlan to stop packet sniffing on the lan.

Simply using a switch instead of a hub stops that dead in it's tracks.

The main thing here, is that this person needs not only a firewall, butalso to remove any e-mail capabale programs on his machines. get rid of OE and Outlook.

By using a firewall he can make it so that no machine on the network can send out to tcp 25 (smtp). This will not affect web mail. (I know you touched on it, I was just expounding).

If he has a local machine setup to relay e-mail, then at the least I would make it so that the relay server can only relay for specific domains, has message limits (can only accept 1 message per connection) and should bethe only machine allowed to send outgoing mail.

Collapse -

Right you are

by Oldefar In reply to errata

A switch will segment those connections.

Collapse -


by LordInfidel In reply to Right you are

There is a way even to bypass a switch, and that is with arp poisioning. So I am not 100% correct.

In fact the only truly safe method of blocking sniffing/packet captures, is end to end encryption. (Borrowed From Hacking Exposed)

Back to IT Employment Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums