RE: is the latest ISA2000 security update a dud?
- From: "David Farinic" <davidf@xxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 27 Jun 2005 15:41:29 +0200
Software...
http://www.google.co.uk/search?biw=1077&hl=en&q=active+sniffer+MAC&meta=
________________________________
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Monday, June 27, 2005 3:30 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: is the latest ISA2000 security update a dud?
http://www.ISAserver.org
Software or hardware? I haven't see any software ones that will do
that, but I might have missed it.
________________________________
From: David Farinic [mailto:davidf@xxxxxxx]
Sent: Monday, June 27, 2005 09:22
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: is the latest ISA2000 security update a dud?
http://www.ISAserver.org
"...with the newer switches, a packet sniffer only catches broadcast
traffic by default. They'd have to be able to hack into the switch
itself and mak...."
Passive sniffers YES active NO- and without hacking into switch. There
are publicly available sniffers like that.
DavidF
________________________________
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Monday, June 27, 2005 3:18 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: is the latest ISA2000 security update a dud?
http://www.ISAserver.org
That's quite possible, but not that simple. On an internal network,
with the newer switches, a packet sniffer only catches broadcast traffic
by default. They'd have to be able to hack into the switch itself and
make the port they're plugged into a monitor port (where it gets ALL
traffic) in order to capture that kind of traffic.
Again, not saying it can't be done, they are several ways it "could" be
done. But the average person that is going to be causing problems (saw
a report that 86% of malicious hacking is done by disgruntled employees)
isn't going to be able to figure out how to do it very easily.
Of course, what you're describing is using someone else's network, so
anything goes. Also, in public access locations like airports and such,
you're far more likely to encounter a serious hacker. If we had
information here that was really worth anything, I'd consider a password
policy like that also. As it stands right now, only the people with
administrative privileges have a harsher password policy. The rest are
still having a really hard time with a five-letter minimum and not being
able to use the same password twice in a row. However, they discovered
that if they keep switching back and forth between two passwords it
would work, so I might have to change it.
This mail was checked for viruses by GFI MailSecurity. GFI also develops
anti-spam software (GFI MailEssentials), a fax server (GFI FAXmaker),
and network security and management software (GFI LANguard) -
www.gfi.com
Other related posts:
