Security Basics mailing list archives
Re: switched n/w
From: H Carvey <keydet89 () yahoo com>
Date: 8 Dec 2004 13:57:32 -0000
In-Reply-To: <1102444223.2139.19.camel@Kaushal>
Iam a bit new to network securities.We have a switched network and to my knowledge a hosts' data cannot be sniffed by other host by runnning tcpdump.But Iam receiving complaints from few users that their data is being changed/manipulated.Is this possible? How can I avoid this at the host level?Does this mean the server has been compromised?Any help or pointer in this aspect would be highly appreciated.
It sounds like you need to get more information from your users. What do they mean when they say that their data has been changed? I mention this, as it is entirely possible that there was no sniffing involved at all...one doesn't necessarily need to sniff the network in order to compromise a remote host, particularly when passwords are weak or non-existant. H. Carvey http://www.windows-ir.com http://windowsir.blogspot.com
Current thread:
- Re: switched n/w, (continued)
- Re: switched n/w Alexander Klimov (Dec 08)
- Re: switched n/w Grim (Dec 08)
- Re: switched n/w Jacob Weeks (Dec 08)
- Re: switched n/w q q (Dec 09)
- Re: switched n/w easternerd (Dec 10)
- Re: switched n/w q q (Dec 09)
- Re: switched n/w xyberpix (Dec 09)
- RE: switched n/w Jeff Gercken (Dec 08)
- Re: switched n/w Ivan Coric (Dec 08)
- Re: switched n/w miguel . dilaj (Dec 08)
- Re: switched n/w kaushal (Dec 08)
- Re: switched n/w H Carvey (Dec 08)
- Re: switched n/w Russell Gregg (Dec 08)