Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: How to detect a snifferFrank Wortner (frankprodigy.com)
Mon, 8 May 1995 09:58:03 -0400 (EDT)
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Patrick Horgan: "Re: and now, back to your regularly scheduled discussion topic..."
- Previous message: robert owen thomas: "and now, back to your regularly scheduled discussion topic..."
- In reply to: Dr. Frederick B. Cohen: "How to detect a sniffer"
On Fri, 5 May 1995, Dr. Frederick B. Cohen wrote: > I await anxiously the unbounded diatribe that is certain to result from > this assessment of the difficulty in detection of sniffers, but please > don't use the same sorts of abusive language or insults that you have > been throwing around so freely before asking legitimate questions. Just > because you don't know how, doesn't make it impossible. It doesn't make it likely, either. All other "protective" technology and techniques are just the embodiment of a willingness to accept some degree of risk in return for the possibility of some benefit. Because an organization desires network technology and connectivity, it must be willing to accept the risks that go along with that. The cost of detecting every possible breach has to be weighed against the benefit --- and in this case, the likelihood of that breach. Since we are talking about what Dr. Cohen implies is *extremely* expensive technology, the possibility that someone will deploy it against most LANs or WANs is *extremely* remote. If I'm wrong about the cost and difficulty involved, then please correct me. Meanwhile, I won't loose any sleep about this "vulnerability." In short, "Let's get real!" Frank -- "Outside of a dog, a book is a man's best friend; inside of a dog, it's too dark to read." -- Groucho Marx