Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Practical solution to prevent users from sniffing traffic

Can you please advice me of a practical solution to prevent users from sniffing traffic (revealing others data and passwords) inside my LAN. All switches and routers are Cisco, and the LAN contains more than 500 users.
One word: encryption! Encrypt your data using a strong cipher. Avoid using programs such as FTP, Telnet, Remote Shell (rsh), etc, which use clear text and can be easily sniffed. Instead, use Kerberos tickets for your LAN, private/public key pairs for transfers, VPN for remote connectivity, SSL for commerce site, and encryption (EFS) for Win2K. Prevent unnecessary services and ports from going through your routers and firewalls. Read through my series for security tips on configuring Secure FTP (SFTP) and SSH2 Server; protecting your border routers and firewalls; securing your web servers and database servers.
Kind regards,
This was last published in May 2003

Dig Deeper on Network Monitoring

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.