On Thu, 01 Nov 2001, Fergal Daly wrote:
> On Thu, Nov 01, 2001 at 01:14:19PM +0000, Gavin McCullagh wrote:
> > Well if the subnet you sit on is not switched, the others on the subnet
> > could do it either. That's important in some places (eg a college,
> > internet cafe, library). Lot's of very dodgy people playing with stuff on
> > the UCD network. Not to mention the number of undiscovered hacked
> > machines which outsiders have effective control over.
>> Aboslutely but then again I think not being switch would be far worse at the
> server end than the client end. The difference being that the percentage of
> sensitive info travelling to the server (from all over the world) is
> relatively high and when you write your traffic analyser, you know what urls
> and what fields your looking for.
Wel in fairness if we're talking about an SSL server that's taking credit
card orders, I'd assume it'd be switched as much for bandwidth to it's
database server as anything else.
If you're talking about someone who can get onto the subnet of the web
server and have permissions to go into promiscous mode then I'd say he's
* A dodgy dishonest sysadmin or
* they have a net/sysadmin who is crap and hasn't stopped anyone else from
In either case, I wouldn't be happy sending my credit card info to be
stored on their machines by ssl or otherwise. Chances are the guy has
acces to the db too.
> Whereas on a college network, there's mountains of crap floating around
tell me about it!
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!