next up previous contents
Next: Denial of Service Up: Generic Description of Previous: Impersonating a User


  Eavesdropping allows a cracker to make a complete transcript of network activity. As a result, a cracker can obtain sensitive information, such as, passwords, data, and procedures for performing functions. It is possible for a cracker to eavesdrop using wiretapping, eavesdropping by radio and eavesdropping via auxiliary ports on terminals [GS91]. It is also possible to eavesdrop using software that monitors packets sent over the network. In most cases, it is difficult to detect that a cracker is eavesdropping.

Many network programs, such as telnet and ftp are vulnerable to eavesdroppers obtaining passwords which are often sent across the network unencrypted. Threats associated with use of telnet and ftp are described in sections 9.2.1 and 9.2.2.

Network programs which involve file transfer are susceptible to eavesdroppers obtaining the contents of files. In particular, NFS, RPC, rcp, and ftp are vulnerable to unintended disclosure of data. Encryption can be used to prevent eavesdroppers from obtaining data traveling over unsecured networks. Section 5.1 provides information on cryptography.

John Barkley
Fri Oct 7 16:17:21 EDT 1994