Quote Originally Posted by drakoth777 View Post
It would only be possible to sniff that password on the LAN of the ISP if the server and the admin PC were on different LANs, right? I mean the only reason a packet containing the password would be sent to the ISP LAN would be to contact the ISPs nameserver, which would resolve the hostname of the server or admin PC on the other LAN? Is my understanding correct?

I mean if server and the admin PC are in the same LAN, which is probably the case, then there's no reason to contact the ISPs nameserver, therefore, making it impossible to sniff outside the server/admin PC LAN.

Is this correct?
Yes, if someone were sitting on the LAN at the ISP, that could be done. I've done it already to catch an evil haxor.

With most of the Mom&Pop ISP's gone now, that kind of thing really doesn't go on much, unless the ISP itself is looking for something in particular. But you wouldn't have a random employee at the ISP doing it.