Gullanian
Senior Member
Joined: 04 January 2002
Location: England
Topic: Intercepting HTTP request Posted: 29 March 2007 at 11:54pm |
|
I found a website that deals with users' finances. It links to their bank accounts and credit cards.
Upon registering, they have a registration confirmation page that displays the password and username you entered in plain text over a plain HTTP connection.
If someone were aware of this website, how easy would it be for them (if they had access to the necessary equipment) to write some software to catch any of these pages? Is it reasonable to assume that this is a fairly major security issue for their website? Or is it probably nothing to worry about at the end of the day?
|
 |
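A check a site owner could run over their own registration flow in testing, for the issue described in the opening post. This is an added example, not part of the thread; `finance.example`, the sample traffic and the function names are constructed for illustration.

```python
import html
from urllib.parse import parse_qs, urlsplit


def audit_exchange(url, request_body, response_body, password):
    """Return findings for one recorded request/response pair."""
    findings = []
    cleartext = urlsplit(url).scheme.lower() != "https"
    # Was the password one of the submitted form values (after URL-decoding)?
    form = parse_qs(request_body, keep_blank_values=True)
    submitted = any(password in values for values in form.values())
    # Does the page echo it back, either raw or HTML-escaped?
    echoed = (password in response_body
              or html.escape(password) in response_body)
    if submitted and cleartext:
        findings.append("password submitted over cleartext HTTP")
    if echoed:
        findings.append("password echoed in response body")
    if echoed and cleartext:
        findings.append("echoed password crosses the network unencrypted")
    return findings


def audit_flow(flow, password):
    """Audit every (url, request_body, response_body) tuple in a flow."""
    return {url: audit_exchange(url, req, resp, password)
            for url, req, resp in flow}


# Constructed test traffic from a hypothetical staging site.
PASSWORD = "S3cret&pw"
SAMPLE_FLOW = [
    ("http://finance.example/register",
     "username=alice&password=S3cret%26pw",
     "<h1>Welcome</h1><p>Username: alice</p><p>Password: S3cret&amp;pw</p>"),
    ("https://finance.example/register",
     "username=alice&password=S3cret%26pw",
     "<h1>Welcome</h1><p>Check your e-mail to confirm the account.</p>"),
]

if __name__ == "__main__":
    for url, findings in audit_flow(SAMPLE_FLOW, PASSWORD).items():
        print(url, "->", findings or "ok")
```

The echo check is reported even over HTTPS, because a page that can display the password implies it is being handled in recoverable form and ends up in browser caches and history.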
Bluefrog
Senior Member
Joined: 23 October 2002
Location: Korea, South
Posted: 30 March 2007 at 2:10am |
|
Google for "network sniffer" or "ethereal" or any of the UNIX network admin type thingys. Then get ready to $4!+ your pants in abject horror. It's not that hard if you've got some kind of physical presence somewhere on the network.
If you want to write the software, you *could*... But why? There are already very good mature tools to do exactly that, but better than you could. Might be fun to try for educational purposes though.
|
|
|
 |
Gullanian
Senior Member
Joined: 04 January 2002
Location: England
Posted: 30 March 2007 at 8:20pm |
|
Hi there Bluefrog!
I think you misunderstood my question; I'm not interested in doing it at all, just wondering how much of a threat this is to that particular website.
Tom
|
 |
Bluefrog
Senior Member
Joined: 23 October 2002
Location: Korea, South
Posted: 01 April 2007 at 1:32am |
|
That's a bit of a hard question. The threat really isn't to the site per se, but to the user. It's highly unlikely that anyone could set up anything to really sniff that site, but they could sniff against users much more easily.
You can almost be certain that the network admins are using sniffers on the bank site for diagnostics, but they aren't really a risk.
The question is then more like, "How easy is it to set up a network sniffer to spy on end-users?" That will depend on the network that they are on, so there's a huge range to deal with.
It's much easier to just set up a keylogger on a person's machine, then let it do the work. That's almost trivial and you can easily write a keylogger in under a day.
If you mean how easy is it to set up a network sniffer to spy on that site, then the answer is, "Really darn hard." For large corporations with big sites and for banking sites, you don't use things like IIS or Apache. iPlanet is still going to be a better platform. You're also going to use better servers running things like Solaris or BSD. In the front you'll have a firewall, then a load balancer that uses a private IP address for communicating with the web servers (that are never truly visible to the Internet with a real IP address).
So even if you can set up a network sniffer, it's unlikely that you can get any information from it. What you've got to do is to actually own one of the servers so that you can disable the security measures like the firewall, the IDS, etc. But once you've got that done, you've accomplished so much more than just what your network sniffer can do. You've essentially owned a banking server! This is not a trivial task, and would most likely require cooperation from administrators working for the bank, or some really serious homework with serious hardware. The investment there would be massive, and well beyond the means of most 'hackers', i.e., you need to be able to recreate the environment to do security testing, and things like iPlanet and Solaris hardware are not cheap.
And even then, if they're using Solaris, they're likely running zones for security and so even if you hack one zone, you're still sandboxed and unable to access other zones. Again, you need to know configurations for the site, and without massive amounts of work or an insider, you're never going to get anywhere.
From the banking site's perspective, they are still very secure.
|
|
|
 |
the boss
Senior Member
Joined: 19 January 2003
Location: Saudi Arabia
Posted: 06 April 2007 at 7:21pm |
|
Any clear text transmitted over a network is visible to all nodes on a given subnet. All you need is a sniffer like ethereal.
|
|
|
 |