Hi all,
i have a general problem, sorry if i have posted this in the wrong forum, but i am confused, so posting here....
we are using the windows XP in our office along with linux FC4... and i was thinking that other than system admin none of our collegues can know my password... but here is an amazing thing happening,,,!!!!!!!!!!!!!
one of my friends using linux softwares he is forwarding all the packets going into the main server via his PC and using other software namely de-sniff.. he is decrypting the information and he is able to know everyones password..... and also the IP messages logs... how can i avoid this is there any software for this ??? for both linux and windows....
excepting a great help from u....
thanks...

inform the network admin! he aint gonna be happy - as on a switched network this will only be possible if a. he is on a mirror port on one of the switches and is supposed to get all traffic (i highly doubt that)
b. apr poisoning... and i dont thing the net admin will be too impressed by that!
c. there is a firewall that reroutes traffic via him, which again will have to be known to the netadmin and is intentional!

besides - this action can get people kicked out of companies and in most countries this behavior (unless made known to all on the network by some guidlines, etc) will be illegal!

edit: if i were you i would arrange for a meeting with the net admin and your boss!

Thanks for the reply Nathanael,
but is there a way that each individual can avoid this ?
and why netadmin is not aware of this ?
and can u please explain me what is apr poisoning and mirror port ??

sorry - my mistake - did not mean apr i meant arp :-)
those are 2 phrases you can type into google: "arp poisoning" and "mirror port" or "monitor port" or check on wikipedia.

if arp poisoning is taking place the net admin does not have to be aware of this... unless it slows traffic down a lot. if it is only regarding traffic to the one server then it will not have to be noticeable.

no - there is no way to avoid being sniffed... the only thing one could avoid is having others being able to read the data that has been sniffed (i.e. using encryption - secure connections)

if the server regarding this topic is a fileserver, that guy may be in deep trouble as he may also be able to read confidential data.

again - i would suggest you talk to net admin and your boss about this, you do not have to mention your friend, but you can make people aware of this issue and have the net admin find out for himself who is doing this stuff (which is easy enough to do) - seriously - they need to be informed.

ya sure..thank u