Security Basics mailing list archives

RE: RE: How to stop Admins from sniffing ?


From: "Corbett, Tim D. (TD)" <TDCorbett () taylorcorp com>
Date: Wed, 16 Aug 2006 11:01:06 -0500

Or, here's a novel idea.  Don't do anything you shouldn't be doing from
your work computer.  I doubt your admins would appreciate you messing
with your machine and/or network connection and you're just going to
draw more attention to yourself anyway.

If you don't trust your network administrators, you can either deal with
it, or look for a new job in my humble opinion.

I've been on both sides of the fence, and speaking from the
administrator's side of the fence, users that try to hide stuff from me
instantly go under the microscope... it's my job to be suspicious and
aware of things that are going on.  And I'll tell you, if someone just
says "hey man, I have a couple files I need to grab from home quick" vs.
someone trying to establish a VPN tunnel to home (which they can't since
I block IPSEC and PPTP at the firewall) without telling me what's going
on, the person that's upfront about stuff is going to get treated much
better.

Again, just my 2 cents.


-----Original Message-----
From: flur () d1f org [mailto:flur () d1f org] 
Sent: Wednesday, August 16, 2006 1:38 AM
To: security-basics () securityfocus com
Subject: Re: RE: How to stop Admins from sniffing ?

You cannot prevent the admin of a computer from being able to intercept
your data. If you are on a Windows corporate network, your admin may
have full access on your computer due to group policy. You cannot
protect yourself easily from these admins. They can interfere with your
VPN software, install keyloggers, screen scrapers, etc.

BUT...

You can prevent network admins from sniffing your traffic by using
encryption. Two quick ways you can do this:

1. Use a VPN. This will encrypt everything your computer does and send
it to a specific point, which will then relay it to its actual
destination. Typical scenario: you connect to your computer at home via
encrypted connection, and let your home computer be your 'proxy' to the
internet. Note that you are not protected from your home ISP or your
home network for that matter.

2. Use encryption where possible. Visit only HTTPS pages; although this
will not prevent the admin from knowing where you're going (admin can
see TCP endpoints), they won't know what you are doing there. It is
possible for an admin to tell how long you stay on a site though even if
you're using SSL on the web, so be careful. If the sites/services you
want to securely connect to don't support SSL, you should consider the
first option instead.

You can get free VPN server and client software from the OpenSSL project
(it's free, open source, and available for win/mac/linux/bsd/unix):
http://openvpn.net/

Good luck.
~flurdoing

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has
designated Norwich University a center of Academic Excellence in
Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---
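
Added example, not part of either message above: it illustrates the second point in the quoted message, that a monitor on the path of HTTPS traffic still sees TCP endpoints and how long each session lasts. The packet records, addresses and function names are constructed for this illustration.

```python
from collections import defaultdict

# Constructed sample: per-packet metadata a passive monitor records for TLS
# traffic. Fields: (time_s, src, sport, dst, dport, tcp_flags, payload_len).
# Addresses are from documentation ranges; no payload bytes are kept at all.
PACKETS = [
    (0.00,  "10.0.0.23", 50122, "203.0.113.10", 443, "S",  0),
    (0.04,  "203.0.113.10", 443, "10.0.0.23", 50122, "SA", 0),
    (0.05,  "10.0.0.23", 50122, "203.0.113.10", 443, "A",  517),
    (0.09,  "203.0.113.10", 443, "10.0.0.23", 50122, "A",  4096),
    (312.40, "10.0.0.23", 50122, "203.0.113.10", 443, "FA", 0),
    (20.00, "10.0.0.23", 50130, "198.51.100.7", 443, "S",  0),
    (20.03, "198.51.100.7", 443, "10.0.0.23", 50130, "SA", 0),
    (20.10, "10.0.0.23", 50130, "198.51.100.7", 443, "A",  230),
    (45.50, "198.51.100.7", 443, "10.0.0.23", 50130, "R",  0),
]

def reconstruct_flows(packets):
    """Group packets into TCP connections keyed by the client-side 4-tuple."""
    flows = {}
    for ts, src, sport, dst, dport, flags, length in sorted(packets):
        if flags == "S":  # bare SYN: the sender is the client and opens a flow
            flows[(src, sport, dst, dport)] = {"start": ts, "end": ts, "bytes": 0, "closed": False}
            continue
        # Match either direction of an already-open flow.
        key = (src, sport, dst, dport) if (src, sport, dst, dport) in flows else (dst, dport, src, sport)
        flow = flows.get(key)
        if flow is None or flow["closed"]:
            continue  # packet with no observed SYN, or after close: ignored here
        flow["end"] = ts
        flow["bytes"] += length
        if "F" in flags or "R" in flags:
            flow["closed"] = True
    return flows

def time_per_endpoint(flows):
    """Total connected seconds and encrypted bytes per (client, server, port)."""
    summary = defaultdict(lambda: {"seconds": 0.0, "bytes": 0})
    for (client, _sport, server, port), f in flows.items():
        entry = summary[(client, server, port)]
        entry["seconds"] += round(f["end"] - f["start"], 2)
        entry["bytes"] += f["bytes"]
    return dict(summary)
```

Every field used here comes from IP and TCP headers, so encrypting the payload changes none of the output.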

