Yes,Yes, a sniffer could be installed, but this assumes your attacker has physical access to your site. A bigger worry is sniffing on any of the networks before you. If you are working in an environment that needs a higher level of security than just passwords, run S/Key, or go for the overly expensive (but easier to use) solution of SecureID. -john