packet sniffing by the unauthorized

Mark Ellis mark.ellis at rpl.richmond.bc.ca
Wed Jan 26 13:54:37 EST 2000 

John,

Look under "Security" in your hub or switch manual.  Hubs can often be
configured to scramble frames sent to devices other than that set in the
frame's destination address.  Packet sniffers will only be able to see
broadcast traffic this way--not logins, etc.

Some devices also allow you to specify a list of permitted MAC addresses, so
only machines you designate will have access to the network. This involves
more effort, particularly if your moving machines around a lot, but it will
prevent library users from using their machines on your network.

-----Original Message-----
From: John West [mailto:jwest at austinc.edu]
Sent: Wednesday, January 26, 2000 6:32 AM
To: perl4lib at vims.edu; web4lib at webjunction.org;
system-admin at sirsi.com
Subject: packet sniffing by the unauthorized


Our college's computing department is concerned that someone on campus has
been using packet sniffing software to determine other people's passwords.
This may not have been done maliciously, but just because it can be done.
However, we have a network policy that is explicit about doing such things.
 Unfortunately, like driving through traffic lights and stop signs, unless
there is someone in the way or a police officer sees the offense, there is
little that we are able to do to detect this.

Have any of you had to deal with this problem and if so, how have you done
so?  Is there a hardware/software solution to making this activity harder
to do?  Is there anyway to find out if someone is doing this on the network
and can the offender be pinpointed in someway?

I am sending this to several lists, so I apologize for any duplication.
Please email me directly, jwest at austinc.edu.

Thanks,



John R. West             "always the beautiful
Assoc. College Librarian/ answer who asks a 
Systems Administrator     more beautiful 
Abell Library Center      question..." 
Austin College              Edward Estlin Cummings
900 N. Grand Avenue       "If they can get you to 
Sherman, TX  75090-4440   ask the wrong questions
phone: 903-813-2536       then they don't need to
fax: 903-813-2297         worry about the answers."
e-mail:jwest at austinc.edu     Thomas Pynchon

More information about the Web4lib mailing list