Hi Ron,
>Exagerated? Can you explain why?
it's just what I said after. The fact that sniffing requires "physical
presence"
> > normally, you need root access to sniff packets, well, at least on
> > respectable OSes.
> > but let's forget about it, since everyone may be root somehow.
>
>Root access to sniff packets? I totally disagree! I am running ethereal as a
>normal user and I can grab packets from our LAN. I even tried changing my ip
>subnet but still, I was able to sniff packets. :-)
from the REAME file of ethereal:
"In order to capture packets from the network, you need to be running as root,
or have access to the appropriate entry under /dev if you system is so
inclined (...).
Although
> >
> > you can only sniff packets travelling in lines physically
> > connected to you.
> > You can harldy
> > ethersuck the other side of the moon.
>
>Could be but I guess you can setup some remote machines to put install
>sniffing tools. COMPROMISED.
>
> >
> > in the discussed case, unless someone manages to run a packet
> > sniffer on
> > one of the firewalls
> > or on the webserver, there is no way to sniff the passwords.
> >
>
>
>Ron
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
