Defending against the rogue sniffer is never easy. As previously mentioned, a switched network will keep the casual sniffer at bay, but the more determined will overcome that obstacle. The most robust method of protection is to enforce the use of encrypted protocols. Replace Telnet with SSH, introduce SSL where possible, use only encrypted email like PGP or S/MIME. Use two-factor or biometric authentication. Unfortunately, due to the nature of Ethernet, sniffing and sniffers will be here for some time to come.
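One way to check a host against this advice is to list its listening TCP sockets and flag any cleartext service that is reachable from the network. The script below is an added example, not part of the original article; the port-to-service table assumes default ports, and the `ss -tlnH` output it parses is a constructed sample.

```python
import ipaddress

# Cleartext services and the encrypted replacement to move to.
# Assumption: services run on their default ports (a heuristic).
CLEARTEXT = {
    21: ("FTP", "SFTP or FTPS"),
    23: ("Telnet", "SSH"),
    80: ("HTTP", "HTTPS"),
    110: ("POP3", "POP3S (995)"),
    143: ("IMAP", "IMAPS (993)"),
}

# Constructed sample of `ss -tlnH` output (not from a real host).
SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 100 127.0.0.1:80 0.0.0.0:*
LISTEN 0 128 [::]:443 [::]:*
LISTEN 0 50 *:110 *:*
LISTEN 0 32 192.168.1.10:21 0.0.0.0:*
LISTEN 0 32 [::1]:143 [::]:*
"""

def is_loopback(host):
    """True when the socket is bound to loopback only, so its traffic never reaches the wire."""
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and scope id
    if host == "*":
        return False                       # wildcard: all interfaces
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False                       # unparseable: treat as exposed

def audit(ss_output):
    """Return (address, port, service, replacement) for each exposed cleartext listener."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        if port.isdigit() and int(port) in CLEARTEXT and not is_loopback(host):
            findings.append((host, int(port)) + CLEARTEXT[int(port)])
    return findings

if __name__ == "__main__":
    for host, port, svc, fix in audit(SAMPLE):
        print(f"{host}:{port} {svc} is cleartext on the wire; replace with {fix}")
```

Listeners bound only to 127.0.0.1 or ::1 are skipped because their traffic cannot be captured from the network segment.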
There are a large number of sniffing tools available, many for free. The highly regarded and very free packet capture tool Ethereal is a great place to start, but there are many more. A recent and comprehensive list can be found here.