Although network monitoring seems omnipotent, it also has a fatal weakness, that is only as a second wave of attacks, hackers must have invaded a host to put network monitoring tools. And only in the network segment will have broadcast data, and there will be no broadcast between the number, so the limitations of network monitoring must be placed on the target network segment.
So the countermeasure is: as far as possible good security precautions to prevent hackers, so that from the source blocked the network monitoring of the harm, in addition if the XP system was placed in the network monitoring, it will have clues to follow. For example, the network slows down, the packet sent out is not always accepted by the target host, you can ping verification, if you often do not receive the target host response, it may be the web monitoring in trouble. There is as far as possible to the reasonable network segmentation, although it is not possible to do each host has a separate network segment, but the same network segment in the host must be absolutely reliable, can trust each other.
In addition, some sensitive data as far as possible not in clear text transmission, you can consider the use of SSH encryption, SSH is also called Secureshell. SSH is a protocol that provides secure communication in an application. It is built on the client/server model. The SSH server's allocation port is 22. The connection is established by using an algorithm from RSA. After the authorization is complete, the next communication data is encrypted using idea technology.
The article originates from the department