Date: Wed, 17 Jan 1996 18:42:55 -0700 (MST) From: Dave Andersen <angio@aros.net> To: ANDRSN@HOOVER.STANFORD.EDU (Annelise Anderson) Cc: questions@freebsd.org Subject: Re: ethernet packet sniffer. Message-ID: <199601180142.SAA14932@terra.aros.net> In-Reply-To: <01I04ED7J0MA00AKNQ@HOOVER.STANFORD.EDU> from "Annelise Anderson" at Jan 17, 96 03:36:53 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Lo and behold, Annelise Anderson once said: > > It sounds like the sys admin--or anyone with root privileges--can > read absolutely everything going on--all e-mail in and out, all > keyboard activity, and so forth. Is this right? Thanks > Annelise Completely correct. The biggest risk is that if one of the machines on your network is compromised, you can sniff passwords in the clear across the local ethernet. Not a pretty situation. :) Switched ethernets are a bit better, but still not perfect. Actually reading & interpreting all of that material is a pain in the butt, but there are tools out there which can do it. EnGarde (http://www.EnGarde.com/) has several tools along these lines, some free, some commercial. ttywatcher can snoop to an extent (ftp://coast.cs.purdue.edu/pub/tools/unix/ttywatcher/) or their commercial IP-watcher, which can also take over a session remotely and do other neat tricks. (I'm not affiliated with them, I've just seen their web pages before) -Dave Andersen -- angio@aros.net Complete virtual hosting and business-oriented system administration Internet services. (WWW, FTP, email) http://www.aros.net/ http://www.aros.net/about/virtual/ "There are only two industries that refer to thier customers as 'users'."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199601180142.SAA14932>