Encryption for MSN Messenger (2 avoid sniffers)

[PakiBlue]

1. We are working on a large LAN, which is not secure. People can use packet sniffers to check the data that is going from my PC to the proxy server and discover if the data requests include MSN communication. I need a method whereby the traffic being generated from my IP cannot be spoofed and sorted. In short, I need an encryption method. Please suggest something.
2. Secondly, people on the network are also using software that allows them to generate requests to the proxy server and make it seem as if the requests are generated from my IP. Its like virtually using my IP for sending requests to the proxy and getting the privileges that my IP has. Help.

[slarty]

Originally posted here by PakiBlue
1. We are working on a large LAN, which is not secure.

Sounds like your LAN needs an upgrade.

If you're using a large unswitched LAN, firstly you are going to have very poor performance, because a single transfer can "max out" the segment for everyone.

Secondly, as you've pointed out, it allows sniffing.

You say it's a "Large" LAN - care to qualify it?

I would say, that if you can't afford to upgrade the entire thing, buy a fast switch, and use it as a "backbone" for your servers, important users, and routers / proxies, and hang the other hubs off there. Then at least users won't be able to sniff stuff from other segments any more.

As far as IP address takeover is concerned, you could get a switch with built in ARP caching capabilities and add static ARP entries for your important IP addresses to prevent unauthorised use of that IP.

Alternatively, you could just note the MAC addresses of the boxes which are attempting to take over a privileged IP address and then just ban them from the switch - then the users would complain pretty fast and you'd find out who they were.

You could also reconfigure your proxy server to use authentication instead of IP-based security.

Slarty

[PakiBlue]

Actually, it's the University's LAN - you would have the idea about university LANs spreading in every single room of the hostel. I'm just another user not admin; so upgrading is not my part of problem as such.

And no, speed is not a concern at all!

Thanks for the IP take-over help. Is there more to it?

My real concern is privacy. I just want that nobody can actually sniff my messenger conversations (plus anything else). Encryption is possible? It's pretty basic need but I don't find a solution. Please help

[nihil]

PakiBlue

Hi there, this is not quite what you are asking for, but IMHO might be of use for you as you say that you are using MSN?

http://www.bitdefender.com

They do security/protection for MSN and a number of other popular IM applications. I believe that these are to protect you from malware and such, rather than data security, but I would suggest that this should be part of your comprehensive security solution?

The applications are "free"

Hope this helps,

Cheers

[prodikal]

I use simp from secway if you want to talk with encryption with it the people you want to talk to has to have it installed as-well

[MrLinus]

What about simply using SSH tunnelling rather than a new application? That way you can tunnel it on the university area (which is where you're more likely to get sniffed) but still use the standard apps.

Just a random idea on it. Use google ("tutorial + ssh tunnelling") to find necessary hints/howtos. There's lots of info out there.

[PakiBlue]

Thanks nihil and prodikal for your help.

Yo, I find secway to be of some help. Yeah, I know encryption works pair... C'mon, am not that bad; was just asking for solutions.

SSH tunneling? I'm digging...
thanks Mittens

[allenb1963]

www.ceruleanstudios.com is the home of Trillian, which accesses MSN, ICQ, AOL, Yahoo and IRC. Using Trillian as your IM client at both ends of the conversation supposedly allows for a direct encrypted connection. May be what you are looking for, may not.

Just my .02.....

[allenb1963]

Oops...I found this today and it looks very promising.

[Syini666]

here is another encrypted IM program that uses both 2048 bit RSA and 448 bit Blowfish. Not the most visually pleasing client, but its upside is that it uses Java and can run on just about any platform with a Java Virtual Machine.