
a general security concern



I'm playing around with the demo ring on the ringlink home page. I see 
that when I'm logged in as the ring admin if I pull up "Inactive Sites", 
for instance, there are links on the page such as the remove link for a site:
(I've added a space so it'll display more cleanly)
http://www.gunnar.cc/cgi-bin/ringlink/ringadmin.pl?ringid=demo;siteid=site13; 
pw=demo;routine=Remove_site;pass=inactive;completeinfo=;sitesperpage=25
I'm concerned that all this info -- the site of the ringadmin page and the 
username and password to login to it -- is being passed across the internet 
with no security. What is to stop some hacker from sniffing packets to 
detect strings like this and then go and wreak havoc?
How difficult would it be to set things up so that the ringlink tools would 
use SSL or something to hide this info?
-- Graham Collins

Follow-Ups from:
Gunnar Hjalmarsson <mailbox@gunnar.cc>
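
Added example, not part of the original message and not Ringlink code: a small Python check that parses a link like the one quoted above (note its `;` separators), reports which secret-bearing parameters are exposed and how, and masks them before the URL is logged or shared. The function names and the `SENSITIVE` name list are assumptions made for this illustration; only `pw` comes from the post.

```python
import re
from urllib.parse import urlsplit

# Assumption: query parameter names treated as secrets ("pw" is from the post).
SENSITIVE = {"pw", "password", "passwd"}

# The link from the post, with the display space removed.
SAMPLE = ("http://www.gunnar.cc/cgi-bin/ringlink/ringadmin.pl?ringid=demo;"
          "siteid=site13;pw=demo;routine=Remove_site;pass=inactive;"
          "completeinfo=;sitesperpage=25")

# name=value pairs separated by ';' (as in the post) or '&'.
_PAIR = re.compile(r"([^;&=]+)=([^;&]*)")


def _is_secret(match):
    """True when the pair has a sensitive name and a non-empty value."""
    return match.group(1).lower() in SENSITIVE and bool(match.group(2))


def audit(url):
    """Map each secret parameter to the ways its value is exposed.

    "in-url": the value travels in the request line, so it can end up in
    server and proxy logs, browser history and Referer headers.
    "cleartext-transport": the scheme is not https, so the value is also
    readable by anyone who can observe the traffic.
    """
    parts = urlsplit(url)
    risks = ["in-url"]
    if parts.scheme.lower() != "https":
        risks.append("cleartext-transport")
    return {m.group(1): list(risks)
            for m in _PAIR.finditer(parts.query) if _is_secret(m)}


def redact(url):
    """Return the URL with secret values masked, separators preserved."""
    parts = urlsplit(url)

    def mask(m):
        return m.group(1) + "=REDACTED" if _is_secret(m) else m.group(0)

    return parts._replace(query=_PAIR.sub(mask, parts.query)).geturl()


if __name__ == "__main__":
    print(audit(SAMPLE))
    print(redact(SAMPLE))
```

Serving the same link over https removes only the `cleartext-transport` finding; the password is still part of the URL.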
