Hardware, software and organizational means of protecting the resources of the personal data information system from unauthorized access by means of "sniffing attacks"

Abstract

Objective. The article discusses hardware and software methods of protecting the resources of the personal data information system from unauthorized access by means of "sniffing attacks"; the essence of which is to intercept data that is delivered within the observed system in the form of packets.Method. The analysis of the security of resources by the personal data information system regarding unauthorized access to data by means of "sniffing attacks" includes five conditional stages: collecting information in the personal data information system, scanning the personal data information system, gaining access to the personal data information system, securing personal data in the information system, generating a report; at the same time, security analysis it is always associated with unauthorized access to data.Result. To prevent unauthorized access to data by means of "sniffing attacks", the following software and hardware solutions are proposed to minimize the consequences of unauthorized exposure to the personal data information system: the use of the HTTPS protocol, a secure version of the HTTP protocol; the use of a static ARP table generated manually; scanning of the computer network of the personal data information system by the AntiSniff program; encryption of the computer network traffic networks of the personal data information system.Conclusion.The presented hardware and software solutions allow minimizing the consequences of unauthorized impact on personal data information systems.