>Can a PC running a sniffer that sets the ethernet card to
>promiscous mode be detected by same? Or other methods?
Well, I suppose you could tell if you could run a program on the PC
in question but otherwise "sniffing" is a passive act (each card
receives every packet on its line at all times, normally the card
discards those it does not use but this decision is made internally.
IMHO, your only real capability is to restrict which packets on each line
are intelligable (there are a couple of hubs that do this) but this
is available only with 10Base-T).
For several years I have operated under the premise that everything I put
onto a network not only *can* be read, it *will* be read and use PGP/OTP
devices when appropriate.
ps Many roads are now closed with flooding reported on both I-4 and the
expressway. My employer considered letting everyone go home early, but
instead they are willing to let anyone who wants to stay and work all
night. (and if you believe that one, I have this bridge...)