how to prevent network sniffing

bominthu
bominthu used Ask the Experts™
on
Hi,

I need to setup a network which must have network sniffing prevention system so that when hacker try to sniff or capture traffic, it'll be failed.

Could you advise ?


Thanks
Rgds
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Aaron TomoskyDirector of Solutions Consulting

Commented:
Sniffing on a switched network requires the use of arp poisoning. Any decent managed switches can stop that. No way to really stop sniffing wired traffic unless you go walled garden but even that may not work.

Author

Commented:
I have tested capturing in a hotel wireless network before.
I can confirm that when i test capturing I get nothing except myself traffic. I'm not sure how they setup.


What kind of managed switch or device I can use to prevent from Sniffing  ?

Thanks
Aaron TomoskyDirector of Solutions Consulting

Commented:
There is a program called "Cain" available here:
http://www.oxid.it/cain.html

There are walkthroughs for arp poisoning sniffing. They work at hotels ;)
It basically tells the switch that all the Mac addresses (that you select) are on your switch port, so all traffic (normally you choose all ips to the gateway ip but you can choose any set of sources and destinations)  goes through your computer then continues on to it's destination.

Knowing its called arp poisoning is all you need to search for lots of information from Cisco and other sources
http://www.google.com/search?q=switches+block+arp+poisoning+attacks
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

Author

Commented:
Hi aarontomosky,

I used Cain & able in Hotel actually .It was not that I was trying to capture. It was just curious to know if in Public wifi which we have to log in using Cubic Portal authentication, I just wanted to know if other can capture http traffic or not.

When I capture using Cain & abel, i get nothing but when I test at home network , i can capture my friends traffic.

That is why I'm thinking which Cisco device or technology can prevent Network sniffing.

Appreciate if you can tell me which can really prevent network sniffing.

Thanks
Director of Solutions Consulting
Commented:
When you use cain did you follow the FAQ? Did you search for Mac and ips, add them to routes and start the route poisoner?

Some Wifi access points have an option called "walled garden" which means no wifi devices can talk to each other. This will stop Cain.

Sorry, I don't know specific switches that have these security features.
Khandakar Ashfaqur RahmanExpert/Consultant

Commented:
I'd request request you to disable ICMP Echo reply into gateway.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial