Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm using internet thru a common network which having a proxy server attacehd and others including me as clients , so one problem arises , my network password set by sys admin , it can be easily monitored by my fellow collegues using "dnsiff -i eth1 " , since its wireless mode , packet can be easily compromised
Any way to be in hidden mode ?
Coz using network password only we can go online , else cant
So if a person sniffs my user and pass , they can enter in my identity.
Any solution , i believe question and scenario is cleared
Last edited by vibinlakshman; 02-17-2009 at 10:10 AM.
it can be easily monitored by my fellow collegues using "dnsiff -i eth1 " , since its wireless mode , packet can be easily compromised
it doesnt matter whether you were in wireless or wired mode - as long as your traffic is in plain text then its plain text.
nice topic btw,
but - as my nature that i dont like to talk any in-depth security topic in public forum, but as for your guidance - you might to start using an tunneled session like using HTTPS or SSL. if you need more than session based connection - you can start using IPSec as your communication method.
I'm using internet thru a common network which having a proxy server attacehd and others including me as clients , so one problem arises , my network password set by sys admin , it can be easily monitored by my fellow collegues using "dnsiff -i eth1 " , since its wireless mode , packet can be easily compromised
Any way to be in hidden mode ?
Coz using network password only we can go online , else cant
So if a person sniffs my user and pass , they can enter in my identity.
Any solution , i believe question and scenario is cleared
Quote:
Originally Posted by rossonieri#1
it doesnt matter whether you were in wireless or wired mode - as long as your traffic is in plain text then its plain text.
nice topic btw,
but - as my nature that i dont like to talk any in-depth security topic in public forum, but as for your guidance - you might to start using an tunneled session like using HTTPS or SSL. if you need more than session based connection - you can start using IPSec as your communication method.
It seems to me like the password he is referring to is the one for the proxy server. So an SSL tunnel isn't gonna be an option unless the administrator explicitly made it one. vibinlakshman, have you considered approaching the system administrator and expressing your concerns to him? That might be all it takes for him to implement an SSL-protected authentication scheme.
Approaching sys admin would be the option , but i dont think they can provide a solution , i fear more security has to be added .
Thanks for all advice
May i knw what wud they supposed to be do , as a first step ..
Depends on how exactly the plaintext password is getting to the proxy right now. If it's via a form on a Web page, then all they need to do is switch from HTTP to HTTPS for that page. This involves deploying a signed certificate, of course.
Depends on how exactly the plaintext password is getting to the proxy right now. If it's via a form on a Web page, then all they need to do is switch from HTTP to HTTPS for that page. This involves deploying a signed certificate, of course.
Yea nw i got it we had signed certificate also , but normally we accept when certificate windows pops up , is this the same certificate u r talking about , normally we click the first option allow certificate for this session, smething like that..
Yea nw i got it we had signed certificate also , but normally we accept when certificate windows pops up , is this the same certificate u r talking about , normally we click the first option allow certificate for this session, smething like that..
It sounds like they are using a self-signed certificate. This is fine if you have a way to verify that the public key does indeed belong to that server (this isn't necessary to do with certificates that are signed by trusted third parties). If you can confirm the public key, and permanently accept the certificate, then you should be okay. But if you are instead blindly doing the "accept the certificate for this session" thing, then every time you do so you are vulnerable to a man-in-the-middle attack.
That said, assuming that you have NOT been under a MITM attack, then regardless of whether your network is wired or wireless your password will be protected by the PKI scheme used by the server.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
How to avoid dsniff ?
