heheh, well I'd place my spy at the company itself and have them perform a
security walkaround of the building to locate the (normally unprotected)
demarc point and install my sniffer physically on the wire there.

Not to say that there aren't any lame ISPs/datacenters around (I have
definitely seen my share) but this is their primary line of business; you
are perhaps more likely to gain access to the end user's infrastructure. I
say that the direct approach will probably be more successful. You'd be
surprised how many large companies don't even think to set up a
surveillance camera within their telecom/switching rooms, or even in the
hallway leading up to the door.

_________________________________________
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:    http://www.tsintel.com

On Mon, 25 Feb 2002, Coffey, Christopher S. wrote:

> I'll add my opinions here, hopefully you will find them interesting:
>
> 1. Yes, most sniffers can be configured to find just certain types of traffic
> by headers (mail, ftp, etc.)
>
> 2. Yes but it takes more work than that, let me explain (this is but a
> sample scenario btw). Say I was a company in LA and I wanted to snoop the
> email of my competitor in NY city. I would need to find out who their ISP is
> (who runs their T1 or whatever) then I would need to "Hack" into that ISP
> (OK, yes, this is complicated; it might require breaking into multiple routers
> and servers within the ISP to find the right link into their T1) and
> install my sniffer software to grab all the mail coming and going from that
> company. This could either be done by a group of black hat mercenaries or by
> a well placed insider at the ISP.
>
> 3. This is a rough scenario, it would be a very big case of corporate
> espionage that so far we haven't seen yet (or at least not made public) but
> it is possible, with enough time, money and luck it could be done, it all
> depends on how much $$$ the data is worth???
>
> Christopher Coffey
> Network Security Officer
> AAC-VA
>
>
>
>
> -----Original Message-----
> From: Dave Bujaucius [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 22, 2002 10:58 AM
> To: [EMAIL PROTECTED]
> Subject: Unencrypted Email
>
>
> It is common knowledge that unencrypted messages sent over an unsecured
> Internet connection *can* be viewed in clear text and thus the contents
> compromised.  My questions:
>
> 1.  Is it really easy?  How readily available are sniffing tools that
> can do this?
> 2.  Can it be done from a user's home dial up or DSL type connection?
> Can someone in California somehow be scanning mail leaving a New York
> location?
> 3.  Outside of government agencies that have access to selected ISPs,
> how likely is it that a company could be targeted by an outside person
> or organization?
>
> I realize that like most IT issues everything is relative.  I'm
> questioning the relative risk in sending confidential information over
> the Internet.  Real life experiences versus theory.
>
> Dave Bujaucius
>
