I'll add my opinions here, hopefully you will find them interesting: 1. Yes most sniffers can be configured to find just curtain types of traffic by headers (mail, ftp, etc.)
2. Yes but it takes more work than that, let me explain (this is but a sample scenario btw). Say I was a company in LA and I wanted to snoop the email of my competitor in NY city. I would need to find out who there ISP is (who runs there T1 or whatever) then I would need to "Hack" into that ISP ( Ok yes this is complicated it might require breaking into multiple routers and servers within the ISP to find the right link into there T1 ) and install my sniffer software to grab all the mail coming and going from that company. This could either be done by a group of black hat mercenaries or by a well placed inside at the ISP. 3. This is a rough scenario, it would be a very big case of corporate espionage that so far we haven't seen yet ( or at least not made public) but it is possible, with enough time money and luck it could be done, it all depends on how much $$$ the data is worth ??? Christopher Coffey Network Security Officer AAC-VA -----Original Message----- From: Dave Bujaucius [mailto:[EMAIL PROTECTED]] Sent: Friday, February 22, 2002 10:58 AM To: [EMAIL PROTECTED] Subject: Unencrypted Email It is common knowledge that unencrypted messages sent over an unsecured Internet connection *can* be viewed in clear text and thus the contents compromised. My questions: 1. Is it really easy? How readily available are sniffing tools that can do this? 2. Can it be done from a user's home dial up or DSL type connection? Can someone in California somehow be scanning mail leaving a New York location? 3. Outside of government agencies that have access to selected ISP's, how likely is it that a company could be targeted by an outside person or organization? I realize that like most IT issues everything is relative. I'm questioning the relative risk in sending confidential information over the Internet. Real life experiences versus theory. Dave Bujaucius
