|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [Plug] Microsoft Striks Again
|
what happned to spop? or the secure redirection via ssh tunneling?
isn't there a howto out there on doing this?
k
------------------------------------------------------------------------------
"Success covers a multitude of blunders."
-- George Bernard Shaw
mortis@voicenet.com http://www.voicenet.com/~mortis
------------------------------------------------------------------------------
On Tue, 31 Aug 1999, Kevin Hill wrote:
> The best alternative would be to run a secure IMAP server. This gives
> you the encryption option to eliminate the snooping problem (or at
> least, make it more difficult to interpret).
>
> Of course, your sysadmin hates you for taking up all the filesystem
> space with stupid emails and ridiculous MS Office attachments. But
> that's secondary. Unless you're the sysadmin.
>
> - khill
>
> "Jason S." wrote:
> >
> > Run a packet sniffer on a box on you local lan with an interface in
> > pomisc mode, capture port 110, tcp and jot down everyones
> > username/password and read their mail while they retrieve it.
> >
> > Its not overly hard in that situation. POP, and SMTP are clear text,
> > and wide open for sniffing.
> >
> > J.
> >
> > When I grow up, I wanna be more like me.
> > I had a clue. I didn't like it. I took it back and exchanged it for an
> > attitude.
> >
> > On Tue, 31 Aug 1999, Nick R wrote:
> >
> > > Outside of social engineering and brute force crack attempts how's this so
> > > w/ POP3?
> > >
> > >
> > > >From: Morgan Wajda-Levie <mpwl@locke.ccil.org>
> > > >Reply-To: plug@lists.nothinbut.net
> > > >To: plug@lists.nothinbut.net
> > > >Subject: Re: [Plug] Microsoft Striks Again
> > > >Date: Tue, 31 Aug 1999 07:12:16 -0500
> > > >
> > > >On Mon, Aug 30, 1999 at 10:20:02PM -0400, Andy Bradley wrote:
> > > > > http://www.cnn.com/TECH/computing/9908/30/hotmail.06/
> > > >
> > > >The only problem I have with this and a lot of other coverage of the
> > > >cracking is that it makes the assumption that e-mail normally is
> > > >secure. The hotmail cracking makes things a lot easier, but reading
> > > >other people's e-mail is still a juvenile task, as is faking their
> > > >address. That's what pgp is for.
> > > >
> > > >--
> > > >Morgan Wajda-Levie
> > > >http://www.worldaxes.com/wajdalev
> > > >PGP fingerprint:
> > > >A353 C750 660E D8B6 5616 F4D8 7771 DD21 7BF6 221C
> > > >http://www.worldaxes.com/wajdalev/public.asc for PGP key
> > > >encrypted mail preferred
> > > ><< attach3 >>
> > >
> > > ______________________________________________________
> > > Get Your Private, Free Email at http://www.hotmail.com
> > >
> > > _______________________________________________
> > > Plug maillist - Plug@lists.nothinbut.net
> > > http://lists.nothinbut.net/mail/listinfo/plug
> > >
> >
> > _______________________________________________
> > Plug maillist - Plug@lists.nothinbut.net
> > http://lists.nothinbut.net/mail/listinfo/plug
_______________________________________________
Plug maillist - Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug
|
|