It all depends on your perception of security and what you choose to accept as "secure". Note: Session Hijacking really has nothing to do with the original context of this thread, and none of my previous responses had anything to do with session hijacking.
IMO, unfeasible is a poor choice of words. It is certainly feasible, given proper circumstance and access. Do you think everyone working at ISPs have scruples? They don't - trust me. There are miscreants in every place of business. Then there is always the influence of corporate espionage or systems simply being exploited. I'm not being paranoid - I'm just acknowledging where the risk is. On the LAN/WAN its much easier because of access, but still not something that I would call commonplace. But because something is not a commonplace occurrence, doesn't mean it is secure. If you take this question up with a security list, such as the [Full-disclosure] list, you will surely get some interesting responses - and if you are lucky, from people with a level of knowledge that might just scare the crap out of you. [EMAIL PROTECTED] wrote: > From what I read, IP session hijacking is slightly easier on a LAN subnet, > but across the external > internet most references usually state they are unfeasible - although having > a compromised ISP may > help. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
