220.127.116.11 Packet Sniffing
As noted earlier, a significant security issue with IM is that packet sniffing enables an attacker to view any unencrypted traffic on the network, including IM traffic. If a user within your organization is using IM to communicate with, say, a supplier or support person across the Internet, its possible that customer numbers, system or network passwords, and all manner of other information youd rather see kept private, is traveling in clear text across the Internet, from your network to the other partys.
Of course, this point of vulnerability has an up side in other situations. A Network based IDS (Intrusion Detection System) can use packet-sniffing to observe an entire network looking for previously discovered attack signatures, and take action to warn administrators and safeguard the network. As of 2003, IDS may be vulnerable to issues with IPv6210.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.