Just Testing
Jul. 17th, 2004 01:12 pm
A couple of students in Another Place are in trouble for "hacking". The newspapers aren't particularly specific about what they did, but it sounds like they installed a packet sniffer and listened in on traffic across their network.
Ethernet networks have everyone hanging off the same piece of wire. If you're on an Ethernet network, your network card has a unique address. As the traffic for everyone on that piece of wire flows by, your computer picks up traffic addressed to it. It doesn't listen to other people's traffic because you usually don't care about it. However, by running your network card in what is delightfully known as promiscuous mode, you can see other people's traffic. Programs which do this and present the results to you are called packet sniffers. Ethereal is a popular free packet sniffer. Packet sniffers have legitimate uses, like diagnosing network problems or writing and debugging software which uses the network (I installed Ethereal the last time I was having problems with DNS lookups, for example). The remedies for undesired sniffing are encryption and restructuring the network so everyone's packets don't share the same piece of wire.
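The address filtering described above, and the effect of the "restructuring" remedy, as an added sketch that is not part of the original post. It is a toy model with constructed MAC addresses and frames; the host names, the `Nic` class and the switch that already knows every address are assumptions for illustration.

```python
# Added illustration: every address and frame below is constructed.
# Multicast filtering is left out to keep the model small.
BROADCAST = b"\xff" * 6

def mac(text):
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def frame(dst, src, payload, ethertype=0x0800):
    """Build a minimal Ethernet II frame: dst, src, EtherType, payload."""
    return mac(dst) + mac(src) + ethertype.to_bytes(2, "big") + payload

class Nic:
    def __init__(self, name, address, promiscuous=False):
        self.name, self.address, self.promiscuous = name, mac(address), promiscuous

    def accepts(self, raw):
        """Hardware address filter: what the card passes up to the host."""
        if len(raw) < 14:          # shorter than an Ethernet header: drop
            return False
        dst = raw[:6]
        return self.promiscuous or dst == self.address or dst == BROADCAST

def shared_wire(frames, nics):
    """Shared segment: every card sees every frame and filters it itself."""
    return {n.name: [f[14:] for f in frames
                     if n.accepts(f) and f[6:12] != n.address] for n in nics}

def switched(frames, nics):
    """Switch: a unicast frame is put only on its destination's port."""
    owner = {n.address: n for n in nics}     # assumed already learned
    seen = {n.name: [] for n in nics}
    for f in frames:
        dst, src = f[:6], f[6:12]
        ports = [owner[dst]] if dst in owner else nics   # broadcast: flood
        for n in ports:
            if n.address != src and n.accepts(f):
                seen[n.name].append(f[14:])
    return seen

ALICE, BOB = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
SERVER, MONITOR = "02:00:00:00:00:05", "02:00:00:00:00:99"
FRAMES = [frame(SERVER, ALICE, b"alice->server"),
          frame(SERVER, BOB, b"bob->server"),
          frame("ff:ff:ff:ff:ff:ff", ALICE, b"who-has", ethertype=0x0806)]
NICS = [Nic("alice", ALICE), Nic("bob", BOB), Nic("server", SERVER),
        Nic("monitor", MONITOR, promiscuous=True)]

if __name__ == "__main__":
    print("shared wire:", shared_wire(FRAMES, NICS))
    print("switched:   ", switched(FRAMES, NICS))
```

On the shared wire the promiscuous card receives all three frames; behind the switch it receives only the broadcast, which is why restructuring limits what a sniffer can see while encryption protects whatever still reaches it.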
The Oxford students seem to have been disciplined for drawing attention to what they did, but none of what they found is news. A college network probably has everyone hanging off the same wire. There are encrypted versions of telnet, HTTP, IMAP and POP3 but not many people use them. There are a lot of clever people with time on their hands. You work it out.
People who know this have done some sort of risk calculation and come up with a solution that they're happy with, which balances convenience against privacy. For example, I only permit encrypted logins to my machines and don't send my password itself when fetching email (although the mail itself comes across the wire as plain text). Now you know what's possible, you can do that calculation too.