PS. Sniffer... there are not any way to detect sniffer in the non-switched network, and there is not much use for sniffer in switched network, if this network is configured properly and is watched for the unusial events.
depends on brand and model of switch $ portinstall dsniff $ man macof -J (and yes, the thread topic is about ways for _watching_ "the unusual events" aka sniffing)
The real smart ones - professionals - won't attack unless there's a
chance
of a serious payback. This excludes most businesses, and makes anything but a well-known script-based attack a very remote possibility.
that's just not so. ask me about it in person and i might tell you stories.
For most other people a trivial packet-filtering firewall, lack of Windoze, and a switch instead of a hub will do just fine.
this part, i agree with. -- Paul Vixie
-- James Jun (formerly Haesu) TowardEX Technologies, Inc. 1740 Massachusetts Ave. Boxborough, MA 01719 Consulting, IPv4 & IPv6 colocation, web hosting, network design & implementation http://www.towardex.com | james@towardex.com Cell: (978)394-2867 | Office: (978)263-3399 Ext. 170 Fax: (978)263-0033 | AIM: GigabitEthernet0 NOC: http://www.twdx.net | POC: HAESU-ARIN, HDJ1-6BONE