So the first reason we give to encrypt content is to prevent against a man in th

Question

So the first reason we give to encrypt content is to prevent against a man in the middle sniffing all data. That is the reason ssh is used and not telnet for example. But in today's networks where there are really no hubs and all switches how easy and how prevalent are packet sniffing attacks?

What exactly needs to be done to get into a situation to sniff data and are there any tools to help?

I am not saying anything about encryption here, its purely a question about the feasibility and/or practicability of packet sniffing attacks. In fact recording encrypted communications might be useful in some scenarios e.g. to do cryptanalysis on the data or other attacks. So how do I sniff data in today's networks?

Explanation / Answer

'How common' is not answerable or useful - you need to look at your risk.

'How easy' is much simpler to answer. It is incredibly easy if you are on the same network segment as an endpoint, but it is also easy if you can compromise a router or switch.

So, if you have data communications that are a target for an attacker, then they will work out how much value that data has for them. The threshold here is pretty low, because of the ease of attack, however it requires the attacker to have a local connection of some kind.

The tools to do this are free and easy to use, so please conduct your own risk assessment to identify the risk to you.

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.