> Trick 1.  Stick a Knoppix CD in, reboot, run ethereal on the same LAN
> segment as the CSR's.
>
> Trick 2.  If you are using a switch, flood the switch into failing - it
> becomes a hub.  Snoop away.
>
> Trick 3.  Make sure you have written permission, signed by the highest
> ranking officer of the company you can find before you do anything like
> this.

My guess is that my audience doesn't know the difference between a hub and a
switch. Is capturing packets going to impress them? Maybe if it were
capturing passwords??? Like the dsniff tools just catching passwords. This
isn't an in office demonstration, so I shouldn't need any waivers, but
thanks for the legal advice.

> A 1997 study released by the FBI showed 15% of the security problems
> came from Internet "Hackers," 15% from contractos and 70% from
> employees.  85% of the problems came from inside the walls.
> Unfortunately, 85% of the effort (for most companies) goes to blocking
> the 15%.

These are the numbers I am trying to impress - the threat already sits at a
computer and gets a check on payday.