[ On , May 31, 2000 at 23:20:23 (+0100), James R Grinter wrote: ]
> Subject: Re: inetd.conf defaults
>
> woods@weird.com (Greg A. Woods) writes:
> > I.e. the threat of sniffing is much much greater, especially inside a
> > LAN segment, even a switched one, than is the risk of someone performing
> > a TCP connection theft attack.  It is much much higher than the risk of
> 
> (If someone is in a position to sniff, then they can spoof very
> easily. There's even code out there to do the hard work for them.)

True enough -- I'm just speaking to the relative threats in the average
real-world corporate network.  You're much less likely to get caught
sniffing in such an environment, even if you do have to bash on the
switch to make it spray everything your way, than you would actively
performing a TCP spoofing attack.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>