There are a number of problems you leave out. First, I have sniffed a
switched network before and it is not that hard. You need only overflow
a switch with more bogus MAC addresses than it can handle and suddenly
you have a hub. Even without any effort my snort box picks up loads of
traffic it "shouldn't" behind two switches. You can probably assume you
are safe from sniffing behind a router, unless there is a compromised
box behind it with you.
Second, you may have plenty to be afraid of. If someone sends you an
html mail with a linked image from a child porn site, by having it open
by accident in a preview window you could suddenly be catogorized as a
child porn viewer by some automatic tool. I have had several very
disturbed and concerned users contact me about incidents like this with
html mail.
I have no worries about reactions to this tragedy as I beleive that the
vast majority of indivuals have good intentions even if their actions
aren't perfect. What I worry about are overreactions. I woke up today
much angrier than I was yesterday and I can think of some pretty
horrible overreactions that I might be willing to support in the
aftermath of the attacks. One can only hope that the leaders of my
country and others have a better handle on their emotions than the
general population.
jbh
> -----Original Message-----
> From: Luke Brumbaugh [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 12, 2001 8:29 AM
> To: NT System Admin Issues
> Subject: RE: OT? perspective of events
>
>
> I read about this. It's a NT box running a kinda "Sniffer" software.
> I have used sniffer, the log gets incredibly big in a short
> period of time.
> So, the idea of scanning an ip address or email header for
> certain patterns
> would only be possible.
> Wiretaps are common, but you can only monitor so many phones
> at a time.
> Same here with email and this Carnivore black box. So you
> ask yourself, are
> you doing something to be afraid of?
> If not, then why worry, sniffer doesn't work well on switched
> networks and
> as for internet, only terrorist and child pornographers have
> something to
> worry about.
>
>
> -----Original Message-----
> From: Benjamin Winzenz [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 12, 2001 9:51 AM
> To: NT System Admin Issues
> Subject: RE: OT? perspective of events
>
>
> I don't know how I feel about stuff like that yet. I think
> some of it may
> be warranted (we already know that any phone conversation
> basically can be
> recorded based on a myriad of words that are said). I think
> that the same
> type of thing monitoring e-mail would not be noticed by most. I think
> though, that if we were all told the extent of "spying" that
> the FBI already
> does, legally or illegally, we probably would be shocked. I
> almost think
> that things like that are better off kept silent. "what the
> people don't
> know won't hurt them" type of attitude. It's gonna get
> really interesting
> for a while here. As someone else said, we are in for a bit
> of a bumpy
> ride.
>
> As a side note, although I was not directly affected by the
> horrible acts
> that took place yesterday (no relatives), we will all be
> affected by this
> dastardly deed for a long time to come. My heart goes out to
> those who have
> experienced a loss. Even today, I still am in shock at what
> happened. At
> the same time, let us pray that our leaders make informed and
> wise decisions
> in the aftermath of what has happened.
>
> Ben Winzenz, MCSE
> Network/Systems Administrator
> Peregrine Systems, Inc.
>
> -----Original Message-----
> From: Kevin Lundy [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 12, 2001 9:14 AM
> To: NT System Admin Issues
> Subject: OT? perspective of events
>
> My sympathies and thoughts go out to everyone directly
> affected by these
> cowardly acts. My thoughts also go out to the millions of us
> indirectly
> affected.
>
> Now to bring a slightly on-topic slant to the discussions -
> in recent months
> there has been considerable debate on Carnivore (the FBI's electronic
> snooping tool). In order to increase our security, I'm sure
> we Americans
> are going to have to give up some of our personal freedom and
> privacy. As
> IT pro's, has anyone's opinion of Carnivore changed? I know
> if someone had
> asked me the question on Monday, I was adamantly against
> Carnivore. Today,
> I'm willing to accept some software "black-box" scanning my
> email looking
> for suspicious activity.
>
> Thoughts?
>
> BTW - just because I am initiating a slightly on topic
> discussion, in no way
> am I suggesting that that the other threads stop. I'm all
> for them. Many
> of our list members are in NY and DC. Those who don't like
> the off topic
> discussions - learn to use the delete key or setup a filter or rule.
>
> http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
>
> http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
> Enterprise Channel Management Software for Manufacturers
> Visit us at http://www.ultryx.com
>
>
> http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
>
>
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
