| |
Password theft
It is relatively simple to steal passwords from other users in a
network if the computers are not secure. Passwords can
be stolen in a number of ways. Monitoring the traffic
on the network is an advanced but relatively easily accomplished
technique.Theoretically, an unauthorized user can tap into the cable
at any point along its length, and listen to all the passing network traffic. Encrypting all network traffic would protect against this
threat. A variety of different types of packet may be
sent along a network cable in the space of a second.
Some of them can be read directly, while others are encrypted.
Commercial programs exist to monitor to the packets. Many network cards
are even supplied with a fault finding program that lets you monitor all the packets sent through the cables.
This
demonstrates the importance of physical security of the network cables. Avoid
any points of contact outside the building. Another
way of stealing passwords is to load a false logon program that stores passwords
with user IDs. This is one reason why system administrators must never
log onto a computer other than his own, which must, of course, be secure. There are also memory-resident programs that detect whenever
logon programs are run. When they are started, the
next 20 keystrokes are stored in a hidden file. These
programs are widely available on the Internet.
Security FAQ
Windows Privacy Tools - http//www.privacywindows.com
| |
