This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.
Secure traffic between 2 desktops
Hi Experts,
I was hoping for some advice.
This is the setup we have - we have an application running on a Windows 10 machine that sends TCP traffic to another Windows 10 machine. The 2 machines are in the same subnet but are not in a domain. Neither are allowed access to the internet.
We need to encrypt the traffic between the 2 machines to prevent a 'man in the middle attack'. Can you please advise on the best method to achieve this? We can use third party software but cannot change our application. The current method we're exploring is an IPsec tunnel between the machines but have yet to get this to work.
Thanks in advance
I was hoping for some advice.
This is the setup we have - we have an application running on a Windows 10 machine that sends TCP traffic to another Windows 10 machine. The 2 machines are in the same subnet but are not in a domain. Neither are allowed access to the internet.
We need to encrypt the traffic between the 2 machines to prevent a 'man in the middle attack'. Can you please advise on the best method to achieve this? We can use third party software but cannot change our application. The current method we're exploring is an IPsec tunnel between the machines but have yet to get this to work.
Thanks in advance
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
This depends on the kind of traffic. If you access shares of the other machine, it is SMB traffic and that would be encrypted by default between Win10 machines.
Hi both,
Thanks for getting back to me
Not we're not using shares unfortunately.
Yes both machines are on our premises
Many thanks
Thanks for getting back to me
Not we're not using shares unfortunately.
Yes both machines are on our premises
Many thanks
So how exactly there is the chance for man in the middle ?...are they connected via wireless or cable ?
Connected by cables via switch
pushing the traffic via certain ports to a 'listener' application on the second desktop.
pushing the traffic via certain ports to a 'listener' application on the second desktop.
And the man in the middle attack is supposed to happen how ?....the only viable way is to have a managed switch with port mirroring ....so you lock physically the rack and thus you prevent the attack...
I agree with John. Doing attacks that can do without the switch mirroring port is not easy and will definitely be noticed at the client due to a massive slowdown not only of network traffic but of also of working on the machine. The risk is low when there's no accessible mirroring port involved.
Of course you could also go another route: install wifi cards into the machines and use wireless encryption, give the key to no one else
Of course you could also go another route: install wifi cards into the machines and use wireless encryption, give the key to no one else
If the machines are less than 100m you can use a crossover cable to connect between them and do some kind on enclosing so none has access (at least without causing severe and noticeable damage)
Premium Content
You need an Expert Office subscription to comment.Start Free Trial