PDA

View Full Version : Re: Likelihood of IT using a Packet Sniffer



Nomen Nescio
08-12-08, 12:30 AM
"CodeMonkey" <acuttitta@gmail.com> wrote in message news:1a8cdc56-3d08-43eb-a618-acda2f3d73b7@k37g2000hsf.googlegroups.com...
>A buddy of mine used to have a PC that didn't work through his
> employer's network but tapped straight into the internet (not sure how
> that setup worked, so just bear with me). Recently, they moved from a
> wired network to a wireless one. To our knowledge, that machine is
> still set up with a direct connection (he uses an external computer
> system and it doesn't work well with the netowork).
>
> A mutual friend of ours happened to mention the concept of a packet
> sniffer to him and now he's completely paranoid about using said PC
> for anything other than the strictest of business. A day gets boring,
> so you hit a few of your gaming forums, browse a bunch of news sites,
> and maybe doing some instant messaging (GMail ftw!), whatever. No,
> he's not hitting porn; he's bored, not a moron!
>
> I've tried explaining to him that the only reason they're going to be
> checking his traffic is if he's given them a reason to do so. He
> busts his ass for the company, is almost always on time, works OT at
> the drop of a hat, and is basically his boss's right hand man. Even
> so, he won't so much as crack open his GMail now to check it during
> the day out of fear of Big Brother watching.

If he is really worried, tell him to use a suscription
VPN service. A GOOD one will cost around $40 per month,
for a high speed one. The connection will be encrypted,
and packet sniffers will be USELESS against his encrypted
connection.

There is one that *I* am using, while here in China to
cover the Olympics, out of Cyprus, called BananaVPN.
They even say that if you use their service, your
admins will NOT see what you are doing. I use BananaVPN,
in addition to the encrypted connection on my own
server, so the Chinese authorities cannot eavesdrop
on what I do.

BananaVPN is headquarted in Cyprus and allows you to
choose either a Germany, UK, or USA VPN server, for $20
per month. German or USA server are $20 a month, but
there is a limited time special on suscriptions to the UK
server at only $15 per month.


Have your friend check them out, if he really IS that
paranoid about having his surfing watched.

If the CHINESE and their "Great Firewall" cannot monitor
what I do, while using BananaVPN, then NOBODY can find
out what you are up to with BananaVPN.

Becuase the BUSINESS is in CYPRUS, as long as you use
the either the BRITISH or GERMAN server of theirs, the
business owners are NOT SUBJECT to United States laws, and
CANNOT be compelled to tell anyone where you going on their
networks, unless it breaks either British, German, or
Cypriot law.

Skywise
08-12-08, 01:14 AM
Nomen Nescio <nobody@dizum.com> wrote in
news:c5840971fa5daccf082f936dcafde283@dizum.com:

> If he is really worried, tell him to use a suscription
> VPN service. A GOOD one will cost around $40 per month,
> for a high speed one. The connection will be encrypted,
> and packet sniffers will be USELESS against his encrypted
> connection.

And what do you expect the admins are going to do when
they see encrypted traffic going through their servers,
traffic that is not expected? They may not see WHAT is
being sent/received, but they are still going to know
WHO. That alone may be enough grounds for termination.
In the extreme it could lead to a criminal investigation
to see if any company secrets were divulged.



> If the CHINESE and their "Great Firewall" cannot monitor
> what I do, while using BananaVPN, then NOBODY can find
> out what you are up to with BananaVPN.
>
> Becuase the BUSINESS is in CYPRUS, as long as you use
> the either the BRITISH or GERMAN server of theirs, the
> business owners are NOT SUBJECT to United States laws, and
> CANNOT be compelled to tell anyone where you going on their
> networks, unless it breaks either British, German, or
> Cypriot law.

BananaVPN may not be subject to any but those laws, but
the person using the service still resides in another
country (USA, or China) and is still subject to THEIR
laws. Again, 'they' may not know WHAT is being sent, but
they will know WHO.

Go read up on cryptography some and pay attention to the
bit discussing "traffic analysis". Data does not have to
be decrypted to learn something about it.

I'm not even an expert and I know this. What do you think
the big boys know and can do?

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?