On Fri, Aug 17, 2001 at 09:57:19AM -0500, Florin Iucha wrote:
> You forget about malicious users... Anybody can set up a snifer on a corporate
> network and most of the time the sys/netadmins won't notice.

Well, I can think of three ways around that:

1)  Keep root locked up tight.  No root, no promiscuous mode, no
sniffer.

2)  Use switches instead of hubs.  You can't sniff a packet that
doesn't reach your NIC.

3)  Only hire people who don't know enough about networking to do
things like that.

Unfortunately, most companies seem to rely entirely on #3.

-- 
With the arrest of Dimitry Sklyarov it has become apparent that it is not
safe for non US software engineers to visit the United States. - Alan Cox
"To prevent unauthorized reading..."         - Adobe eBook reader license