Sniffing Countermeasures

  • Restrict the physical access to the network media to ensure that a packet sniffer cannot be installed.
  • Use encryption to protect confidential information.
  • Permanently add the MAC address of the gateway to the ARP cache.
  • Use static IP addresses and static ARP tables to prevent attackers from adding the spoofed ARP entries for machines in the network.
  • Turn off network identification broadcasts and if possible restrict the network to authorized users in order to protect network from being discovered with sniffing tools.
  • Use IPv6 instead of IPv4 protocol.
  • Use encrypted sessions such as SSH instead of Telnet, Secure Copy (SCP) instead of FTP, SSL for email connection, etc. to protect wireless network users against sniffing attacks.
  • Use HTTPS instead of HTTP to protect user names and passwords.
  • Use switch instead of hub as switch delivers data only to the intended recipient.
  • Use SFTP, instead of FTP for secure transfer of files.
  • Use PGP and S/MIPE, VPN, IPSec, SSL/TLS, Secure Shell (SSH) and One-time passwords (OTP).
  • Always encrypt the wireless traffic with a strong encryption protocol such as WPA and WPA2.
  • Retrieve MAC directly from NIC instead of OS; this prevents MAC address spoofing.
  • Use tools to determine if any NICs are running in the promiscuous mode.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *