Re: Dsniff/mailsnarf

To: John Keimel <john@keimel.com>
Cc: tps@unslept.com, debian-security@lists.debian.org
Subject: Re: Dsniff/mailsnarf
From: elijah wright <elw@stderr.org>
Date: Tue, 24 Feb 2004 17:20:01 -0600 (CST)
Message-id: <[🔎] Pine.LNX.4.58.0402241719190.8989@illuminati.stderr.org>
In-reply-to: <[🔎] 20040224231948.GA31664@keimel.com>
References: <[🔎] 20040224231120.GA29684@unslept.com> <[🔎] 20040224231948.GA31664@keimel.com>

> > I've been asked to place a sniffer on a network that handles HIPPA
> > data, and watch for e-mail containing certain strings. I figured that
> > mailsnarf would be the best way to do this.
> >
> Aside from any of hte technical details of this, I'm kind of wondering
> how this fits into HIPPA and it's policies.
>
> I'd be sure that if I were you, I'd have written evidence of someone (a
> boss/supervisor/etc) ordering this kind of behaviour and also my
> objection to sniffing data that might be confidential under HIPPA.

sounds like he's being asked to sniff to make SURE that no one is stupid
enough to email hipaa-covered data out.

C.Y.A. is definitely appropriate.

elijah

Reply to:

Follow-Ups:
- Re: Dsniff/mailsnarf
  - From: tps@unslept.com

References:
- Dsniff/mailsnarf
  - From: tps@unslept.com
- Re: Dsniff/mailsnarf
  - From: john@keimel.com (John Keimel)

Prev by Date: Re: Dsniff/mailsnarf
Next by Date: Re: no valid Release.gpg file for woody and non-US
Previous by thread: Re: Dsniff/mailsnarf
Next by thread: Re: Dsniff/mailsnarf
Index(es):
- Date
- Thread