
Network Monitoring

In most multiaccess networks, it is trivially easy for a host to set its network interface into "promiscuous mode", and copy all data frames which pass across the network.
 
This is called eavesdropping or (in some circles) packet snarfing. Once the host has copies of all the frames it desires, it can then analyse them to discover the data they contain.

Most data transfers across the Internet are not encoded (or encrypted) in any way -- the data is simply sent as plain text. Thus it is simple to observe messages transmitted by others. This is the origin of the (oft repeated, and generally true) assertion that "The Internet is insecure". The solution is encryption -- encoding the message so that it is unintelligible to the intruder.

An area where this insecurity can present a serious problem is password authentication. Many application protocols (e.g. Telnet, POP3, etc.) send their usernames and passwords across the network as plain text, exactly the same as other data -- i.e., unencrypted. You always need to be aware of this possibility!

Encryption is a vast technical, scientific and political topic, tightly intertwined with the history of computing itself. We will look briefly at a few aspects in this lecture and the next.
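
To make the cleartext password problem above concrete from the network administrator's side, here is an added example (not part of the original lecture notes) that audits the client-to-server bytes of POP3 sessions and reports which ones exposed a password on the wire, without ever storing or printing the password. The flows, addresses, usernames and function names are constructed for illustration.

```python
# Constructed sample data: client-to-server bytes of three POP3 sessions,
# as they would look after TCP stream reassembly from a capture.
SESSIONS = {
    "192.0.2.5:51000 -> 192.0.2.9:110":
        b"USER alice\r\nPASS hunter2\r\nSTAT\r\nQUIT\r\n",
    "192.0.2.6:51001 -> 192.0.2.9:110":
        b"APOP bob 0123456789abcdef0123456789abcdef\r\nQUIT\r\n",
    "192.0.2.7:51002 -> 192.0.2.9:110":
        b"CAPA\r\nSTLS\r\n\x16\x03\x01\x00\x05hello",
}


def audit_pop3(client_bytes):
    """Classify how a POP3 client authenticated, from its visible commands."""
    result = {"auth": "none-seen", "user": None, "password_exposed": False}
    for raw in client_bytes.split(b"\r\n"):
        parts = raw.split(b" ", 1)
        verb = parts[0].upper()
        arg = parts[1] if len(parts) > 1 else b""
        if verb == b"STLS":
            # After STLS the client starts a TLS handshake, so the
            # remaining bytes are not POP3 text; stop parsing here.
            if result["auth"] == "none-seen":
                result["auth"] = "tls-upgrade"
            break
        if verb == b"USER":
            result["user"] = arg.decode("ascii", "replace")
        elif verb == b"PASS":
            # Record the exposure only; the secret itself is discarded.
            result["auth"] = "cleartext"
            result["password_exposed"] = True
        elif verb == b"APOP":
            # APOP sends a digest of a server challenge plus the shared
            # secret, so the password itself does not cross the network.
            result["auth"] = "apop-digest"
            result["user"] = arg.split(b" ", 1)[0].decode("ascii", "replace")
    return result


def audit_all(sessions):
    """Return one finding per flow, keyed by the flow description."""
    return {flow: audit_pop3(data) for flow, data in sessions.items()}


if __name__ == "__main__":
    for flow, finding in audit_all(SESSIONS).items():
        print(flow, finding)
```

Only the first session is reported as `cleartext`; those are the accounts and clients to move to an encrypted login first.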
 

