mailing list archives
Re: How to detect a sniffer
From: frank () prodigy com (Frank Wortner)
Date: Mon, 8 May 1995 09:58:03 -0400 (EDT)
On Fri, 5 May 1995, Dr. Frederick B. Cohen wrote:
I await anxiously the unbounded diatribe that is certain to result from
this assessment of the difficulty in detection of sniffers, but please
don't use the same sorts of abusive language or insults that you have
been throwing around so freely before asking legitimate questions. Just
because you don't know how, doesn't make it impossible.
It doesn't make it likely, either. All other "protective" technology and
techniques are just the embodiment of a willingness to accept some degree
of risk in return for the possibility of some benefit. Because an
organization desires network technology and connectivity, it must be
willing to accept the risks that go along with that. The cost of
detecting every possible breach has to be weighed against the benefit ---
and in this case, the likelihood of that breach. Since we are talking
about what Dr. Cohen implies is *extremely* expensive technology, the
possibility that someone will deploy it against most LANs or WANs is
If I'm wrong about the cost and difficulty involved, then please correct
me. Meanwhile, I won't loose any sleep about this "vulnerability."
In short, "Let's get real!"
"Outside of a dog, a book is a man's best friend;
inside of a dog, it's too dark to read." -- Groucho Marx