This paper focuses on the threat of packet sniffing in a switched environment, and
briefly explores the effect in a non-switched environment. Detail is given on a
number of techniques, such as “ARP (Address Resolution Protocol) spoofing”, which
can allow an attacker to eavesdrop on network traffic in a switched environment.
Third party tools exist that permit sniffing on a switched network. The result of
running some of these tools on an isolated, switched network is presented, and
clearly demonstrates that the threat they pose is real and significant.
The final section covers ways to mitigate the threat of network sniffing in both non-
switched and switched environments. The thesis of this paper is that encryption is
the only true defence to the threat of sniffing.
read more here:-
http://www.sans.org/rr/whitepapers/networkdevs/rss/244.php
