||Oracle Tips by Burleson
Chapter 8 -
Network Sniffing Tools
When this information is combined with the fact
that Qwest provides the DNS services, it narrows down the possible
geography of the user. Finally, the IP addresses contained in this
log file tell the interested observer what network addresses are in
use at the target site.
All of these components become a part of making
a profile of the target. Of course, the more information thieves
learn about their intended victim, the more damage they can inflict.
Potentially, even usernames and passwords could be available to a
sniffer, but encryption is becoming more and more common.
Encryption is a process through which data is encoded so as not to
be understandable to anyone but the recipient. Using encryption
makes the data that is gathered more difficult to analyze since the
encryption must first be deciphered before any readable text is
Using a network sniffer becomes less useful for
a hacker when the network is switched or segmented into virtual LANs
(VLAN). This is because of the way a network transmits information
between machines. A non-switched network transmits all information
to all of the machines on that network and leaves each machine to
ignore any unintended messages.
In comparison, a switched network only sends
the information to the intended recipient machine. A switched
network is still at risk if a hacker is able to compromise or break
into the switch, but that is usually more difficult than just
compromising any workstation on the network. A hacker can also use
other tools like DSNIFF to steal or borrow network packets and read
Download your Oracle scripts now:
definitive Oracle Script collection for every Oracle professional DBA