The bad guys can sniff packets

The bad guys can sniff packets

Many users today access the Internet via wireless devices, such as WiFi-connected laptops or handheld devices with cellular Internet connections (covered in "Wireless and Mobile Networks"). While ubiquitous Internet access is very suitable and enables excellent new applications for mobile users, it also creates a major security vulnerability - by placing a passive receiver in the locality of the wireless transmitter, that receiver can obtain a copy of every packet that is transmitted! These packets can include all kinds of sensitive information, including passwords, social security numbers, trade secrets, and private personal messages. A passive receiver that records a copy of every packet that flies by is called a packet sniffer.

Sniffers can be deployed in wired environments as well. In wired broadcast environments, as in many Ethernet LANs, a packet sniffer can obtain copies of all packets sent over the LAN. As explained in "The Network Edge", cable access technologies also broadcast packets and are thus vulnerable to sniffing. Moreover, a bad guy who gains access to an institution's access router or access link to the Internet may be able to plant a sniffer that makes a copy of every packet going to/from the organization. Sniffed packets can then be analyzed offline for sensitive information.

Packet-sniffing software is freely available at various Web sites and as commercial products. Professors teaching a networking course have been known to assign lab exercises that involve writing a packet-sniffing and application-layer data reconstruction program. Because packet sniffers are inactive - that is, they do not inject packets into the channel - they are difficult to detect. So, when we send packets into a wireless channel, we must accept the possibility that some bad guy may be recording copies of our packets.  As you may have guessed, some of the best defenses against packet sniffing involve cryptography. We will study cryptography as it applies to network security in "Security in Computer Networks".


Tags

packet sniffer, lan, packets

Copy Right

The contents available on this website are copyrighted by TechPlus unless otherwise indicated. All rights are reserved by TechPlus, and content may not be reproduced, published, or transferred in any form or by any means, except with the prior written permission of TechPlus.