Snooping And Sniffing; Web Servers And Firewalls - McAfee INTERNET SECURITY 5.0 Manual

Internet Security and Privacy
108 McAfee Internet Security 5.0

Snooping and Sniffing

Since its inception, the Internet has been (and largely remains) an open
network. Openness means that information on the Internet travels without
any special security: Anyone who can monitor network traffic can intercept it.
This sort of monitoring is called "sniffing," and is easy to perform using
"sniffers." Sniffers are programs (or hardware devices) designed to monitor
data traveling over a network. Originally, sniffers were designed to help
network administrators track down networking problems. Unfortunately, the
same tool can also be used to steal information. Sniffers are insidious and
difficult to detect.
Sniffing often begins when a hacker breaches the security of a local Internet
Security Provider (ISP). A hacker does not need physical access to the ISP's
premises—sometimes a telephone line is sufficient (although it is also possible
to sniff with physical access to network cables). Once a hacker compromises
an ISP's system, the network traffic that travels through the ISP is no longer
secure.

Web Servers and Firewalls

Secure transactions are only one part of the problem. When an ISP's Web
server receives information, the ISP must be able to keep the information safe.
Hackers like to attack the security of Web servers because Web server security
is still in its infancy. As a consequence, Web administrators assume that a Web
server is open to attack, and try to keep them separated from other,
mission-critical computers. Some Web applications must, however, interact
with corporate databases, an open door to a clever hacker. One form of
security technology called a "firewall" can close the door, however, cannot
safeguard certain services.
What can I do to keep my stuff safe?
With sniffer in place, a hacker can intercept credit card numbers and other
private information by capturing data transmissions, and then using pattern
matching algorithms to filter out the valuable information. Intercepted credit
card info can be sold to criminals, intent on committing fraud.
To avoid this problem, Web browsers incorporate encryption technology that
cloaks information and makes it difficult to get at. Encryption is the basic
technique that the Web uses to guarantee information security.
The current encryption standard is called "Secure Sockets Layer" (SSL),
supported both by Microsoft and Netscape, and incorporated in their
browsers. An icon in the browser changes to indicate that SSL is active. When
you make a transaction with SSL active, you can be fairly comfortable that the
transaction is safe.