how to block MSN Sniffer
how to block MSN Sniffer
AOA,
I have a question, in my network one of my users is using MSN Sniffer, monitoring all the MSN conversations, i know the IP Address of the person doing this.
I want to know is there any way to stop that guy from doing that wothout him knowing anything or do anything that will stop any sniffing applications.
I am using simple MAC Address Based Authentication through IPTABLES and using Squid as a Proxy and caching server.
Looking Forward for some help.
I have a question, in my network one of my users is using MSN Sniffer, monitoring all the MSN conversations, i know the IP Address of the person doing this.
I want to know is there any way to stop that guy from doing that wothout him knowing anything or do anything that will stop any sniffing applications.
I am using simple MAC Address Based Authentication through IPTABLES and using Squid as a Proxy and caching server.
Looking Forward for some help.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
AOA
can i have a better solution.
because as LAMBDA stated
And one more thing, how to block particular applications from server as done in ISA Firewall.
Looking forward to get more appropriate SOLUTION.
can i have a better solution.
because as LAMBDA stated
The person who is using the "SNIFFIER" is almost 15 to 18 switches away from Server. So how many more switches should i use to avoid it.use more switches on your network.
And one more thing, how to block particular applications from server as done in ISA Firewall.
Looking forward to get more appropriate SOLUTION.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
i don't see how the person can sniff other switch ports' packets, unless he's doing some sort of mac address spoofing. in which case, use managed switches -- something i'm pretty certain i pointed out several months ago.
please don't use ambiguous and useless terms like "server". there is no "server" for the network; the network works without a "server".
please don't use ambiguous and useless terms like "server". there is no "server" for the network; the network works without a "server".
AOA,
Dear Lambda, i know that network works without 'SERVER', but i am looking forward for a solution, i am not facing any problem on PC's, however many of my users are complaining regarding this issue.
Looking forward for some help in this regards.
Dear Lambda, i know that network works without 'SERVER', but i am looking forward for a solution, i am not facing any problem on PC's, however many of my users are complaining regarding this issue.
Looking forward for some help in this regards.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
\mudasir wrote:AOA,
Dear Lambda, i know that network works without 'SERVER', but i am looking forward for a solution, i am not facing any problem on PC's, however many of my users are complaining regarding this issue.
Looking forward for some help in this regards.
well are u sure he is using such sniffer ?
or may be he is using spy ware to get chatting ?
AOA,
I am not sure wheather that guy is using a SNIFFER or a SPYWARE, but i am sure that he is using something to monitor conversations.
So how can i stop this... ???
I am not sure wheather that guy is using a SNIFFER or a SPYWARE, but i am sure that he is using something to monitor conversations.
So how can i stop this... ???
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
AOA,
Not looking for this sort of solution ..
Anyways...i was just curious to know wheather this thing can be blocked or not...
Now i know that this SNIFFER thing can not be blocked....
As i told earlier i am not the one facing this problem....many of my users complained me about this...So its not my job to do this....still i was looking for a solution....
And Thanks to all of you for sharing your IDEAS with me...
Not looking for this sort of solution ..
Anyways...i was just curious to know wheather this thing can be blocked or not...
Now i know that this SNIFFER thing can not be blocked....
As i told earlier i am not the one facing this problem....many of my users complained me about this...So its not my job to do this....still i was looking for a solution....
And Thanks to all of you for sharing your IDEAS with me...
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
-
- Naik
- Posts: 75
- Joined: Mon Oct 13, 2003 5:06 am
- Location: Karachi, Pakistan
- Contact:
well, first take a look at Sniffers: Basics and Detection
http://cns.tstc.edu/cpate/LINUX/Linux_How2/Sniffers.htm for better understanding.
The packets of MSN Messenger are sent over the network in cleartext form which make it highly insecure, its better to use some encrypting application to secure chat packets i.e. http://www.secway.fr/us/products/simplite_msn/home.php
Its extremely difficult to detect sniffers, however see some useful links for Sniffer Detection.
http://sniffdet.sourceforge.net/faq.html
http://packetstorm.linuxsecurity.com/sn ... antisniff/
http://cns.tstc.edu/cpate/LINUX/Linux_How2/Sniffers.htm for better understanding.
The packets of MSN Messenger are sent over the network in cleartext form which make it highly insecure, its better to use some encrypting application to secure chat packets i.e. http://www.secway.fr/us/products/simplite_msn/home.php
Its extremely difficult to detect sniffers, however see some useful links for Sniffer Detection.
http://sniffdet.sourceforge.net/faq.html
http://packetstorm.linuxsecurity.com/sn ... antisniff/
why not? it almost guaranteed to work.mudasir wrote:Not looking for this sort of solution ..
says who? if it's a networking-related hack, switch to managed switches, and lock switch ports to mac addresses. if it works with spyware, clean the infected systems and install the latest security updates.Anyways...i was just curious to know wheather this thing can be blocked or not...
Now i know that this SNIFFER thing can not be blocked....
and you're rejecting all the provided solutions. no wonder you think there is no way to "block" the sniffer.As i told earlier i am not the one facing this problem....many of my users complained me about this...So its not my job to do this....still i was looking for a solution....
AOA,
Dear Compucated thanx for answer..
Dear Lambda, may i know why you always point out little things in others post...
Dear Compucated thanx for answer..
Dear Lambda, may i know why you always point out little things in others post...
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
AOA,
Dear Lambda,
I have not rejected any of the solutions that were posted in answer to my problem, how ever those solutions provided by more experience people then me were not what i was looking for....
So please dont take this personal or anything like that...
And i know what the problem as, as i have clearly stated it in my first post.
So please dont mind...
Take Care
Dear Lambda,
I have not rejected any of the solutions that were posted in answer to my problem, how ever those solutions provided by more experience people then me were not what i was looking for....
So please dont take this personal or anything like that...
And i know what the problem as, as i have clearly stated it in my first post.
So please dont mind...
Take Care
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
-
- Naik
- Posts: 87
- Joined: Tue Mar 06, 2007 4:58 am
- Location: Karachi
- Contact:
By using ISA server software signatures can be easily blocked , although i am not also a MS lover but like ISA block MSN n Yahoo it can also block any application on client side ...
have a look into thi s .. you can try this solutioin on VM LAb ................
But if you are using the gr8 linux solutions will be different ...............................
have a look into thi s .. you can try this solutioin on VM LAb ................
But if you are using the gr8 linux solutions will be different ...............................
-
Raheel Ahmad
Raheel Ahmad