We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Login form - packet sniffer

nightzeus
nightzeus asked
on
Medium Priority
281 Views
Last Modified: 2013-12-04
Does my web site login have to be on a secure server or otherwise be easily vulnerable to hackers? I noticed some big name web sites logins are not on a secure server, so does the mean they are risking packet sniffers hackers?

How much risk is there not having your login on a secure server?

Thanks
Comment
Watch Question

Most of that would depend on where the server is housed. Most servers are hooked to switches now rather then hubs, so the sniff could only happen on that particular link or they'd have to sniff the traffic into the main switch. If the server is located in a trustworthy datacenter, they won't have employees trying to sniff your server traffic. The important thing is to lock down your server so someone doesn't run the sniffer on your own box. You won't have much control over the client side being sniffed, but you can secure your own side (server).

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Depends on where you're sniffing from. You'd have to sniff somewhere between the user and the location of the server itself. SSL is intended to make that hard for someone trying to be somewhere in the middle by encrypting the data. But here's the major question: what is the value of the data being transmitted? You don't want to spend too much more than what it's worth protecting it.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.