> -----Original Message-----
> From: mouss [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 31, 2000 4:12 AM
> To: Behm, Jeffrey L.; [EMAIL PROTECTED]
> Cc: 'Ronneil Camara'
> Subject: RE: Telnet vs SSH
>
Hi mouss,
>
> This is exagerated though.
Exagerated? Can you explain why?
> normally, you need root access to sniff packets, well, at least on
> respectable OSes.
> but let's forget about it, since everyone may be root somehow.
Root access to sniff packets? I totally disagree! I am running ethereal as a
normal user and I can grab packets from our LAN. I even tried changing my ip
subnet but still, I was able to sniff packets. :-)
>
> you can only sniff packets travelling in lines physically
> connected to you.
> You can harldy
> ethersuck the other side of the moon.
Could be but I guess you can setup some remote machines to put install
sniffing tools. COMPROMISED.
>
> in the discussed case, unless someone manages to run a packet
> sniffer on
> one of the firewalls
> or on the webserver, there is no way to sniff the passwords.
>
Ron
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
