[ILUG] [ot] secure sites
fergal at esatclear.ie
Thu Nov 1 13:18:34 GMT 2001
On Thu, Nov 01, 2001 at 01:14:19PM +0000, Gavin McCullagh wrote:
> Well if the subnet you sit on is not switched, the others on the subnet
> could do it either. That's important in some places (eg a college,
> internet cafe, library). Lot's of very dodgy people playing with stuff on
> the UCD network. Not to mention the number of undiscovered hacked
> machines which outsiders have effective control over.
Aboslutely but then again I think not being switch would be far worse at the
server end than the client end. The difference being that the percentage of
sensitive info travelling to the server (from all over the world) is
relatively high and when you write your traffic analyser, you know what urls
and what fields your looking for.
Whereas on a college network, there's mountains of crap floating around with
very little sensitive info and you also have no automatic way of actually
distinguishing the sensitive info from the background.
Of course you could easily get loads of passwords for the big mail services
if people aren't logging into them securely,
More information about the ILUG