Departments & Programs


Switched ethernet

Last revision October 16, 2006

Security safeguards:
  1. Minimize network presence
  2. Using strong passwords
  3. Install security patches regularly
  4. Backup computer data
  5. Encrypted login
  6. Network firewall
  7. Switched ethernet

Communications between computers travel on some form of network. If a hacker can get access to the traffic on a network, he can passively and unobtrusively spy, or "sniff", that traffic to capture passwords and other valuable data. Some networks are more or less vulnerable to this hacker "sniffing".

At Stanford Earth Sciences, we have implemented a fully switched wired ethernet network. Switches create "virtual paths" that route traffic between computers so that it cannot be passively seen by other computers on the network. This makes network communications within Earth Sciences more secure. Communication between two computers on the Earth Sciences network is very unlikely to be intercepted by a hacker.

There are some hacker programs that can intercept communications on switched wired networks by tricking the communicating computers to route the data through the "sniffing" computer. These programs require access to a computer within the building, however, so they are not widely employed.

Other types of networks are at much greater risk of "sniffing" by hackers than the Earth Sciences switched wired network.

Wireless networks in Earth Sciences and elsewhere on the Stanford campus are not secure. By their very nature, radio waves cannot be directed to a single computer. Methods for encrypting the radio signals are weak and easily defeated, so they are not used at Stanford.

If you are accessing Earth Sciences computers from home or from other institutions, it is impossible to know over what type of connection your data is traveling. There could be a hacker who has compromised a router on the Internet and is able to monitor your traffic.

Because many networks that you may use are not secure, all connections should be encrypted so that even if intercepted, information such as passwords cannot be deciphered by a hacker.

Comments or Questions?