AW: How to stop Admins from sniffing ?

[Christian.Assfalg () bc boehringer-ingelheim com]

Well, they don't.

At least not neccesarily. In Germany, for example, there are a number of laws against monitoring of user activity. You 
can not simply read someones emails for example, unless you have a specific reason for it, and the works council agrees.

Similar things apply to auditing and monitoring and stuff like that. As soon as user behaviour is concerned, the works 
council has to agree. I am no lawyer or data privacy professional so I may be wrong, but that's what I think is the 
situation in Germany, and soon-to-be in the whole European Union. I guess those laws are not so strict in America, but 
I don't think you can simple watch "everything" someone does.

I'd say it depends on the laws of the country you work in, and the agreements you siged with your employer.

Personaly, I don't see why a security professional would want to do a portscan on some client PC, or why someone would 
want to monitor every network package. That should be quite a lot, so it is a lot of work. Haven't they got other 
(better) things to do?

If Jeff would realy want to hide something, then well - that's his problem. But I would not be very comfortable with 
this situation as well. We don't live in the world of "1984", do we?


-----Ursprüngliche Nachricht-----
Von: Weir, Jason [mailto:jason.weir () nhrs org] 
Gesendet: Donnerstag, 27. Juli 2006 18:12
An: security-basics () securityfocus com
Betreff: RE: How to stop Admins from sniffing ?


Jeff,

My first question would be why would you want to stop them..  Any
competent IT security professional will be and should be monitoring
anything and everything that goes across their wire.  In my opinion that
is their job.

If you are trying to hide something that's a different story.  If its
web traffic you can use an hppts connection to one of the many
anonymizer services out there.  Ethereal would only show encrypted
packets to\from the anonymizer site and not reveal the actual site you
are going to.  This would prevent network sniffing of web traffic only.
There are many other ways to see what's going on..

It sounds like you have a privacy issue but if you are using company
equipment and services you have no expectation of privacy and they have
every right to monitor everything you do

Jason Weir
Systems Administrator
New Hampshire Retirement System


-----Original Message-----
From: swap_tek () yahoo co uk [mailto:swap_tek () yahoo co uk] 
Sent: Wednesday, July 26, 2006 1:14 AM
To: security-basics () securityfocus com
Subject: How to stop Admins from sniffing ?


Hey List

I work in a small organisation and the system and network administrators
here are constantly monitoring all data in the network. I have seen them
running Etherreal on their systems and from their talks i am sure that
they know who is doing what. I m using windows XP and i have a personal
firewall installed which pop's up every few minutes saying that there is
a port scan attack going on. And when i looked up that IP address it
belongs to tbe system being used by the administrator. I have tried
talking to my bosses about this but not happened ( maybe the admins
convinced them that they are not doing anything like that or its
happening by bosses permisson).  i know since they are in same network
as me its easy for them to sniff all traffic and everything.

What i want to know from you ppl is that is there is anyway way to stop
this ? is it possible for me to encrypt all traffic going out from my
system ? 

I have never used a Anti-Sniffer but can they help ? any way out ?

Thanks in advance

Jeff


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------