Week 6 Takeaways
Reading Summary:
Packet sniffing can exists in a switched or non-switched environment. Packet sniffing usually arises from an internal threat and it is shares the same concept as the man-in-the-middle attack where the attacker uses various ways to re-route the network traffic from the person’s machine to his own machine. As a result, re-configuring the IT infrastructure, such as replacing hubs with newer switches, can mitigate such an attack. ARP (Address Resolution Protocol) spoofing” allows a hacker to access and monitor the network traffic in a switched environment. However, there are third party tools that allow sniffing on a switched network and alert the company of any potential threats. Packet sniffing in a non-switched environment is very popular with repeating passwords or any other significant information from the network. There are many free sniffing tools, such as “dsniff” which is used for plaintext protocols. Even though packet sniffing continuously occurs, companies must adapt to a better encryption policy. This will replace insecure protocols and mitigate any threats on its environment.
Question for the class:
Can you think of any cheaper solutions to prevent packet sniffing given the fact that encryption is very expensive and companies tend to choose speed over money (a solution/tool that allows them to encrypt data at a fast rate but not have best security in place)?
Article:
The US Securities and Exchange Commission (SEC)is investigating two former Capital One data analysts who allegedly used insider information associated with their jobs to trade stocks—in this case, a $150,000 investment allegedly turned into $2.8 million. The challenge arises when these defendants believe that the Fifth Amendment protects them and does not allow to turn over their mobile devices passcodes. As a result to protecting against self-incrimination, Judge Mark Kearny, federal judge in Pennsylvania ruled that the defendants cannot be forced to divulge their smartphone passwords to SEC.
Click here for additional information regarding this article.
Leave a Reply