LinuxQuestions.org
Old 11-06-2008, 02:24 PM   #1
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,099

Rep: Reputation: 57
Internet Security Class


I will be taking a class soon on internet security and was asked the other day this question and I couldn't confidently answer the question:

A cracker who has phished information about you has discovered the ISP that you are using and your public IP address. Let's say you are sending unencrypted email to an external SMTP server. How would a cracker intercept the traffic and analyze it? How would that be done from the cracker's computer?
 
Old 11-06-2008, 02:55 PM   #2
rossonieri#1
Member
 
Registered: Jun 2007
Posts: 359

Rep: Reputation: 34
hi metallica,

so ... what was your answer that made you feel so unconfident?
i think it's fun ... let me hear your story and your analysis of your answer.
 
Old 11-06-2008, 03:10 PM   #3
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,099

Original Poster
Rep: Reputation: 57
I am saying this hesitantly. I would imagine using some type of sniffing program, associating it to that victim's public IP address and using an analyzer like Wireshark to analyze the data. I am having trouble picturing how it would be done, coming from someone who has no experience in that arena. My under study is network security so bear with me.

Last edited by metallica1973; 11-06-2008 at 03:11 PM.
 
Old 11-07-2008, 12:32 AM   #4
rossonieri#1
Member
 
Registered: Jun 2007
Posts: 359

Rep: Reputation: 34
hi,

actually, i'm a bit un-confident too when discussing security-related things in a public area - so we have to carefully limit our conversations

ok ... sniffing - that is a good approach.

and now, i think we must stop here - no offense, but you can always discuss any security-related thing in a closed study-group (e.g. your classroom), guided by your instructor - so you can understand exactly what you are/will be doing.
 
Old 11-07-2008, 12:45 AM   #5
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371
It's fine if you guys want to discuss possible answers to the question from the OP. This type of discussion benefits legitimate system administrators. All I ask is that you don't get into specifics - keep things theoretical. And please provide a brief overview on how to protect against the method of attack you are describing, if possible. Personally, I don't see how a bad guy suddenly finding out our ISP and public IP address would give him any substantial edge when it comes to intercepting our traffic. We should have been operating under the assumption that this information was available to him all along. Perhaps I'm not understanding the question properly.

Last edited by win32sux; 11-07-2008 at 12:52 AM.
 
Old 11-07-2008, 06:05 AM   #6
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
The biggest problem with an attacker doing this is she probably isn't in the path the data is traveling so using a packet sniffer won't do any good...

Unless she can get the traffic to come to her with DNS cache poisoning or by compromising a router, such as the target's default gateway, and forwarding traffic to her computer. More reason to keep up-to-date with your patches.
 
Old 11-07-2008, 09:19 PM   #7
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,099

Original Poster
Rep: Reputation: 57
So DNS poisoning would be one method and redirection of traffic. So as far as sniffing is concerned it would have to be done locally and physically on the network?
 
  

