Join facebook group THE HACKER DEVIL
Your Safety Over LAN Is Compromised
You might be surprised by title of post safety over LAN is compromised. The fact I am revealing here is more surprising than title itself. You work for a company with high reputation in its quality of service and security over network and you feel the LAN you use for communication is safe then sorry you are mistaken. No LAN connection in world is safe enough to protect your privacy. The reason is not hackers using sniffing tools to collect information from network but the network itself is problem since it can be monitored. Network monitoring tools, IDS and firewalls all can sniff packets from network and the worst part they all work from desk of system administrator I.e from main station that provides LAN connectivity to all computers.
It means before any information leaves company's network it passes from desk of system administrator to get monitored so along with a network monitoring tool if he installs a sniffer then he/she'll be able to sniff all connections available over network that means if he/she is real bad ass buddy then no information leaving or coming to your computer is safe.
If you have been in field of security from long time you might be well known with name Moxie Marlin Spike. He is independent security researcher who has found vulnerability and developed SSL strip to hack information over HTTPS connections. That means even HTTPS proxy over LAN can be overpowered to get sensitive information, it can only bypass firewall but not packet monitoring and brain of human being. Since all mailing protocols, IRC protocols, Streaming protocols, File Transfer protocols and even remote login protocols are vulnerable to sniffing a person sitting at administrator's system can surely steal it.
He can use tools like Wireshark, Ettercap, Session Capture, Omni Peek, IRS, IRIS, WinSniffer and Ace Password Sniffer to do his/her dirty job since they all are awesome packet capturing tools. IRIS and Ace Password Sniffer have extra advantage over just password sniffing because IRIS can also re-construct packets to reveal information as it is displayed on victim's computer and hence no technical power required to get information and Ace Password Sniffer will display username and password as it is as soon as someone uses them to log-in into vulnerable protocol.
What can be countermeasures ?
You can never guarantee your system admin is nice guy so its your job to protect yourself.
Never do any kind of transactional communication over LAN. A transactional communication means communication that requires authentication in e-commerce terms.
And if it is important use tunneled connection with IPSec protocol I.e use VPN service or setup HTTP tunnel using tunneling software from your LAN to some secure computer at your home or neighborhood.
You can also opt for onion routing by using TOR but I am doubtful about it since I have never captured packet from onion routing network.
I hope you enjoyed reading above information. Thanks for reading and keep visiting.
Labels: LAN Safety