Sniffing Countermeasures

00:00

Hey, everyone, welcome back to the course in this video. We're gonna talk about some fundamental sniffing countermeasures that you could do to help protect your data and your organization a little bit better.

00:10

One of the number one things we can do is just restricting access to our network devices or restricting that physical access to help protect against an attacker actually installing a packet sniffer on the device. We can use encryption so encrypting that data. So even if the attacker does sniff our traffic and grabs those packets that can actually do anything with them because it's encrypted data,

00:30

we can permanently add the Mac address to the gateway, uh, to the AARP cash. And so that way the attacker can't spoof that information. We can also use static I P addresses or static art tables to prevent the attacker from adding spoofed ARP entries for devices on our network.

00:47

So other things that we can do include things like turning off network. I d broadcast a zwelling restricting our network to authorize users, and that way we can help protect it against the network being discovered by various sniffing tools out there. We can also scan are Knicks to see if they're using promiscuous mode and turn that off again promiscuous mode

01:03

just being that it's sending packets of data to all the devices.

01:07

Uh, just like the hubs did back in the day when they were used to be used in networks.

01:11

Similar thing here and so we would turn off promiscuous mode because we don't want all the traffic going to all the devices we only want traffic going from, Let's say computer A to computer be because that's where the communications should be going, and that helps protect against the attacker being able to sniff that network traffic.

01:30

We could also use things like secure FTP instead of FTP for securely transmitting our files.

01:38

We could use one time passwords. We can also use things like pretty good privacy for emails. We can use I P sec. We can use VPNs TLS Ssh, secure shell.

01:48

We can encrypt our wireless traffic. So using protocols like WP to two concrete that traffic,

01:53

we can also

01:55

use https instead of http to help protect our user names and passwords. So just a variety of ways that we could help protect against both the attacker being able to sniff our network traffic as well as if they're able to. We're protecting our data from

02:12

when they sniff it. They can't actually do anything with that data because we've used things like encryption.

02:16

So just a quick quiz question here for you all the following are ways to protect against sniffing attacks except which one i p sec turning on encryption or turning on promiscuous mode to secure our switches.

02:29

Alright, this one was probably pretty easy for you turning on promiscuous mode right again. I mentioned that we want to identify any devices that have promiscuous mode running and make sure that we turn that off to help protect the our network from the attack or being able to sniff those packets.