Solved

Hacking networking packet

Posted on 2013-05-13
4
433 Views
Last Modified: 2013-05-23
I have a question on hacking.  Is is possible for someone to use a network analyser (e.g. wireshack) to capture network packets and then massage it or change the content and resend it as the originator.  Is possible how can I eliminate such threat.  My client/server is running on a public network that can be monitored by outsider.
0
Comment
Question by:tommym121
4 Comments
 
LVL 21

Assisted Solution

by:Rick_O_Shay
Rick_O_Shay earned 150 total points
ID: 39161206
Yes that is possible and it is called a "man in the middle" attack.
The best way to defend against it is to use some form of authentication/encryption like https vs http.
0
 
LVL 25

Assisted Solution

by:Cyclops3590
Cyclops3590 earned 200 total points
ID: 39161223
this is often handled in one of two areas but with the same mechanism: authentication.  usually its some type of hashing or digital signatures that are used depending on if pre-shared keys or certificates are used.  digital signatures is better though.  authentication maintains the integrity of the data but doesn't keep the data hidden; that is encryption.

it can either be handled by the application itself or a lower layer protocol like IPSec.  I would use IPSec as it should be more transparent to your application functionality and thus no code changes required.

however there are two main issues you need to worry about.  the first you identified, which is that a hacker could perform a man-in-the-middle attack and change the data.  the other is a replay attack in which the attacker doesn't care about the contents (say the password), they just know what data exists (whether encrypted or not).  so they "replay" or resend the captured data to gain unauthorized access.  IPSec can also help alleviate that risk with the ESP function.  IPSec is typically used for VPN only though. What kind of site are you running?  Using SSL may be useful to look at as well.  SSL is just a way to use certificates to identify who you are talking with and then create keys to do encryption, it doesn't have to just be used with HTTP.  It should take care of most of your concerns as well.

hope this explains the risks a little better.  also, keep in mind there is no way to "eliminate" risks, only mitigate, or make the probability of successful attack less.
0
 
LVL 10

Accepted Solution

by:
ienaxxx earned 150 total points
ID: 39161245
Use switches that monitors and avoid ARP poisoning and use cryptography for all client/server connections. (you can enable it on your servers infrastructure, same if it's windows or linux).
0
 

Author Closing Comment

by:tommym121
ID: 39190849
Thanks
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PCI scan - CIFS NULL Session Permitted 10 105
Network Packet Analyzer Solar Winds 3 86
managing a small network 6 83
How analyse your IT Outsourcing provider 3 31
Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question