Wombat: Switched Network.

But the latency, the latency...

AZ

apparently latency is not important as their admins are quite prone to that. see, the telnet vs ssh issue hasn't reached them yet...

So what? All I have to do is watch one piece of wire to get a password. Then I can jump in anywhere. If you're only running telnet, then you have no idea if any given client has been tampered with.

There are several ways to sniff a switched network. So a switched network is definatly not secure.

Now what we have here has moved away from a practical matter to a matter of opinion. I'm not arguing that an inline sniffer could be made to do this, but the *Only* way to do that would be to gain physical access to the box. Please Take Note: many Unix boxes will shut down an interface and *not* bring it back up if it loses a physical connection. If you have physical access, SSH is not a factor (You've got Bigger Problems, at that point).

KeiFront: As far as trying to sniff from a remote area of the network, have fun. The only practical way would be to get an inline sniffer on the backbone and hope you hear something, but doing that would *definitely* attract notice just from the interruption. VLans is another subject I have not broached, and it shouldn't take any imagination to see how those can be used to further segment a switched network.

This subject has been discussed many times internally, as I found out last week (I took the opportunity to ask about it when conferring with a Network Engineer about another problem).

You KNOW that the biggest threat is from ppl working on the INSIDE right?

Yes, I do, and yes, it has been addressed.

Ok guys, stop picking on him. He can't say to much about what they do to address the issue.

Also the control over how it's done is well and truely out of his hands.