Packet Sniffing

Q:

We recently had two sites defaced on our servers, and the perpetrators are claiming to have used TCPDump. Is there a cheap way to encrypt the data packets to ensure they can’t be sniffed? … [snipped]

- Rob

A:

The easiest way to encrypt data between you and the server is to use SSL or SSH. If you are connecting to a web server, enable SSL encryption, if you are connecting to a service that can be protected by SSL, enable it.

If you can’t use SSL encryption in your product, you can use OpenSSH for tunneling of traffic to the destination host, or use OpenVPN (SSL based) to encrypt the connection between you and the destination host.

Share
  • http://irc.firewirez.net Pr33p

    Openssh had been avalible for a few years, and basically put a nail in the coffin for services like telnet and the R* services (on unix).
    Openssl can be used for almost anything with he right configuration.
    Mod_ssl is played in part with openssl to give apache ssl capability.
    And other tools such as Stunnel and Pgp are avalible.
    But remember its all good and well having encrpted services, but just keep them patched!

    Preep.

  • http://janantha.net Janantha

    Try using Open VPN or Real VNC. VPN solution is the best for you. Run the VPN server on the same machine your webserver is running. Then use a client to connect. The connection between your client and the server will be encrypted and you don’t have to worry from packet sniffers. This is the best solution so far against passive attacks.

    I found a new VPN solution which is also free named “hamachi”