mailing list archives
Re: Detecting a sniffer
From: cmetz () inner net (Craig Metz)
Date: Sun, 30 Apr 1995 12:30:45 -0400
Of course you can detect a sniffer, but are you willing to pay the cost
of doing so?
More importantly, have you managed your security risks taking into
account the possibility of being sniffed?
Fixing holes is one thing. In some environments, this is a reasonable
security solution (An example is many academic environments where there really
isn't much in the way of sensitive data). In others, where data processed
on computer equipment on a network is more sensitive (like trade secrets), if
you didn't design strong authentication and encryption into your total security
solution (thus making sniffers not really a threat), it's your own fault if
a sniffer on your network intercepts data.