From owner-freebsd-questions  Wed Jan 17 21:52:55 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id VAA16933
          for questions-outgoing; Wed, 17 Jan 1996 21:52:55 -0800 (PST)
Received: from hemi.com (hemi.com [204.132.158.10])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id VAA16922
          for <questions@freebsd.org>; Wed, 17 Jan 1996 21:52:50 -0800 (PST)
Received: (from mbarkah@localhost) by hemi.com (8.6.11/8.6.9) id WAA26197; Wed, 17 Jan 1996 22:52:40 -0700
From: Ade Barkah <mbarkah@hemi.com>
Message-Id: <199601180552.WAA26197@hemi.com>
Subject: Re: ethernet packet sniffer.
To: ANDRSN@HOOVER.STANFORD.EDU (Annelise Anderson)
Date: Wed, 17 Jan 1996 22:52:40 -0700 (MST)
Cc: julian@ref.tfs.com, questions@freebsd.org
In-Reply-To: <01I04ED7J0MA00AKNQ@HOOVER.STANFORD.EDU> from "Annelise Anderson" at Jan 17, 96 03:36:53 pm
X-Mailer: ELM [version 2.4 PL24]
Content-Type: text
Sender: owner-questions@freebsd.org
Precedence: bulk


> It sounds like the sys admin--or anyone with root privileges--can
> read absolutely everything going on--all e-mail in and out, all
> keyboard activity, and so forth.  Is this right?  Thanks
>
> Annelise

Yes, in technical terms anyone with root privileges can read 
absolutely everything provided the bpf device is configured and 
the data isn't encrypted. Legal ability is of course different.
"Anyone" includes unauthorized persons who without your knowledge
taps a PC into your local ethernet cable.

-Ade Barkah
--------------------------------------------------------------------
Inet: mbarkah@hemi.com - HEMISPHERE ONLINE - www: <http://hemi.com/>
--------------------------------------------------------------------