site provides information and programs relevant to security
of systems. Anyway, don't forget that the work of so-called
hackers exclusively bases on inattention of system-makers
and on software bugs arising from servers and from operative
systems. If a system-maker takes precautions such as
to disable not necessary services, to set access-passwords
with more than 10 digits that will be changed at least
every month, to install HOTFIX and SERVICE PACKS...then
the work of the hacker will be consequently hard if
Remember that a sniffing aiming at analysing all the
packets going along a network segment has to be carried
out by means of programs installed on systems connected
with the same segment : the result is that if the hacker
can't enter these systems, the installation of these
softwares will be impossible such as the same sniffing.
Softwares like CARNIVORE need installation on systems
that have to be supervised.
This means that by taking care of your operative system,
you'll make hard the life of those who abusively enter
On the contrary, use yourself sniffing programs on your
systems in such a way as to get knowledge about not
authorized use of certain services or of certain IP.
Programs like CommView or Anasil II show all your network
use and you'll understand if something is going wrong.
On a professional network devote a system to the evaluation
of the network traffic by means of several packet-analysers
and by means of softwares in order to identfy probable
intrusions. Another secret is to use servers on intranet
addresses re-addressing public IP toward private IP
through a software as RINETD.
In such a way you'll carry out a bridge between public
and private IP only as regards requested services in
order to avoid hackers' entrance on meaningful systems.
Moreover, "lark-mirrors" are excellent ways
to congregate hackers' efforts onto sofwares that carry
out no service but simulate to do.
For example, I've disabled TELNET on a system but there's
a program that opens a socket on TELNET's door in order
to simulate that this service is still running. Infact,
this program only simulates a prompt and nothing more...neither
checks the login but, on the contrary, warns about a
wrong attempt. All the possible exploits have no effect
on a well-protected system.
Another precaution is a choice of a very good firewall.
For professional services do not use firewalls in software
but trust to firewalls like CISCO PIX 515 or similar
ones that can carry out rules on packets and will perform
tests on fragmentary characters and on other kinds of
abuses of TCP and IP protocols.
To be sure to be informed about all HOTFIX and about
all service packs, send a message without subject and
without text to : firstname.lastname@example.org
I hope to keep on bringing up-to-date my site in English.