“I firmly believe that the best way to beat the cracker is
to understand how the cracker works, what his tools are, how they
work, and how your system works. It’s vital to understand that
the tools I present here are for use on your network. As much as I
would like to make every reader of this column an expert, there
will always be things I miss. Without sounding too paranoid,
though, I’d like everyone to walk away from these discussions just
a little bit paranoid.”
“Last week, I mentioned in my “real life” example that my
cracker was using a sniffer to monitor network traffic and collect
user names and passwords. Since I did not go into much detail then,
I’ll try to clarify what I meant by sniffing. Simply put, a sniffer
is a tool that lets you monitor packets as they “fly” across your
network interface. You could simply monitor your machine’s own
traffic, but sniffers use promiscuous mode to scan all packets
bound for your network.”