Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

Outgoing traffic warning

Hello Experts

Please, I would like to have a list of outgoing packets characteristics which are suspect of being data stealing activity.

Thats in order to configure sniffers filter settings.

Thank you very much.

rcesar
0
rcesar
Asked:
rcesar
  • 4
  • 3
1 Solution
 
rcesarAuthor Commented:
Oops, don't know if I should have posted this in the security section. Lets see though.
0
 
ECNSSMTCommented:
for starters
you are looking for abnormal patterns like a high upload ratio to an noncommericial site, from there you may have to sniff packets to determine the contents if its not encrypted.  If you can narrow your intrusion detection process down to a few key server or services it can help.  But to detect "stealing" on a network is outright hard.

As a converse to detecting have you thought about either locking down internet services to just e.g. web browsing and email?  It won't stop the passing of proprietary information, but it will reduce on the avenues which can be used to send out data.

Then of course if you don't mind tipping your hand, you can let everyone in the office know in totally legal terms; pasing on company sensitive information is punishable by legal penalties, prison or death (I added the death part in order to escalate the drama), but per your legal department whatever that can be said is the most acceptible.  It should keep the "casual" leakage of information down.

If the threat is totally external, you should watch the traffic and determine what is abnormal.

Of course, if it gets serious enough, you may consider involving law enforcement officials.

Regards,
 
0
 
rcesarAuthor Commented:
Thanks ECNSSMT, and sorry I was not meaning criminal stealing, or so, and should not have used this term.

I'm just a single home user and my concern is about having to set my firewall to allow msn, p2p, traceroute and so programs to act as servers, hence just stay hoping they are faithful and are not capturing data from my computer, as done by cookies and spywares.

As I'm quite paranoid about these 'attempts' , I have decided to learn how to use sniffers and how to analyze outgoing packets to be sure they are not carrying what they shouldn't.

Thus, I think any tips, files, or online information that could help me to identify these sneak threats in the packets will be useful.

regards
0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 
rcesarAuthor Commented:
Hello ECNSSMT, maybe what I want is not possible? Or maybe you see I would not understand what you have to say?
0
 
ECNSSMTCommented:
Hi rcesar

I was away for the holiday.  

If its for home use, and you had a few PCs, you may be able to use a packet sniffer to casual sniffing.  If anything else, check out www.ethereal.com.  It will show you what kind of traffic is entering and exiting your PC.  

The "threats"  will be obvious when you take a look at the destination addresses.

In a home evnironment, since its only one or two PCs; managment will be nice and simple.

Regards,

 
0
 
ECNSSMTCommented:
thanks fo rthe points and sorry of the delay; I was actually enjoying myself spending time away from my computer.  (after I survived the shakes and withdrawl symptoms).

Regards,
0
 
rcesarAuthor Commented:
Sorry for delaying, ECNSSMT. And thank you. I'm now studying about the destination addresses. There's some issues I'm not understandig well for now, but I hope I will soon, or I'm coming back to ask about.

Regards,

rcesar
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now