compare and constrast measures which could be taken to reduce the risk of such an occurrence.
2006-11-01 08:48:33 · 5 answers · asked by salami s 1 in Computers & Internet ➔ Computer Networking
almost as easy as it would be to get caught and sent to jail for trying it.
2006-11-03 05:44:50 · answer #1 · answered by xerocs 5 · 1⤊ 0⤋
It's almost trivial to sniff networks.
- Ethernet hub vs. switch: A switch will in general not send traffic to all connected computer, but can be forced by people flooding mac tables to do that anyway. Administrators can also configure ports that replicate traffic. Even without all of that, if they can somehow get to the physical wire, they're home free.
- Encryption: will safe you while in transport (so from sniffing off of the network itself), but it is typically not used in many environments.
SMTP can be used in TLS mode, but both MTAs need to participate and have a valid cert. This is very uncommon on today's Internet and as such most email is sent unencrypted by the protocol itself.
POP,IMAP can be used over SSL. If you can, do so. It not only protects the email, but also the username and password needed to access your email.
PGP, S/MIME: encrypt the email itself, again both sides need to use the encryption, have keys (or certificates for S/MIME). This encrypts the email itself.
The strength of each of these encryption methods is dependent on the specific settings, but in general enough to deter casual to semi-professional attackers. It's a matter of debate if organizations like echelon and the NSA are capable of decrypting strong cryptographic messages easily or not.
2006-11-01 21:55:02 · answer #2 · answered by anonymous 3 · 0⤊ 0⤋
If your router actually routes packets instead of broadcasting to each node, sniffing packets of other computers is impossible unless you're in between the router and the internet.
Use a web-based e-mail service that encrypts all traffic using HTTPS, or use an e-mail client/service that supports encryption.
2006-11-01 17:01:57 · answer #3 · answered by camzakcamzak 4 · 0⤊ 0⤋
If I'm inside your network, there are a hundred packet-sniffing programs that would allow me to "sniff" your confidential e-mail. The proper fix is to run IPSec to encrypt the data, even within your network.
2006-11-01 18:33:36 · answer #4 · answered by antirion 5 · 0⤊ 0⤋
if you are worried about people reading your email, encrypt it. THere are various point along the path that an email can be read by just about anyone.
2006-11-01 17:06:27 · answer #5 · answered by sjj571 4 · 0⤊ 0⤋