pine
gwen
gwen at nvnsvch.org
Wed Dec 14 12:34:43 PST 2005
* Ted Mittelstaedt (tedm at toybox.placo.com) [051214 15:22]:
>
>
> >> 'Can't do secure authentication with this server'
> >
> >If the server supports neither ssl, nor any form of secure
> >authentication, there is
> >nothing you can do to protect your password.
>
> Garbage.
>
> The first thing you can do is go out and shoo the crackers
> off the telephone pole who are tapped into your phone line
> and sniffing your passwords.
>
> Then you can ask your ISP to start locking the door to his
> NOC and kick out all the crackers who have sleeping bags in
> the NOC and are tapped into the ISP's ethernet cable from his
> router to his mail server.
>
> But the thing that would probably put your mind at ease the most
> is to stop going to Hollywood movies like The Net which make it appear
> as though crackers can magically sniff your cleartext passwords
> when they have access to the network between your
> PC and the ISP's mailserver.

Have you ever seen the output of tcpdump? You see anything on the
same network as you. So any of the following *likely* situations
leaves your non-encrypted password open for sniffing:

1) Wireless access, *any* wireless access.
2) Cable modem pools, or any internet hookup where there's a communal
   line shared.
3) Public networks (OK, I know the scenario presented is for home
   usage, but it's worth it to put this point here).
4) Any network where a computer has been at all compromised.
5) Any ISP with untrustable SysAdmins (I've known this to happen).
6) Almost a corollary to 5) and 3); any ISP with a compromised machine.

You cannot assume that there are not nasty sniffers on your line.
I have seen passwords sniffed out in all kinds of places.

And with that, I go back into lurking mode.

gwen.
gamergothgeekgrrl.
http://www.gw3n.com/
* martygreene shivvers
<martygreene> why is it so damn cold?
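
What "supports neither ssl, nor any form of secure authentication" looks like from the client side, as an added example that is not part of the original post: it classifies a mail server's advertised capabilities by how the password would travel. It assumes IMAP (RFC 3501 CAPABILITY responses); the sample lines are constructed and the function names are hypothetical.

```python
import re

# SASL mechanisms that transmit the password itself (merely base64-encoded).
PASSWORD_ON_WIRE = {"PLAIN", "LOGIN"}

def parse_capabilities(line):
    """Return the upper-cased atoms of an untagged IMAP CAPABILITY response."""
    m = re.match(r"^\*\s+CAPABILITY\s+(.*)$", line.strip(), re.IGNORECASE)
    if not m:
        raise ValueError("not an untagged CAPABILITY response")
    return {atom.upper() for atom in m.group(1).split()}

def password_exposure(line, tls_active=False):
    """Classify how a password would reach this server.

    'encrypted'          - session is already inside TLS (e.g. imaps)
    'starttls'           - client can upgrade to TLS before logging in
    'challenge-response' - a mechanism exists that never sends the password
    'refused'            - server rejects plaintext login, offers nothing else
    'cleartext'          - password crosses the network readable by a sniffer
    """
    caps = parse_capabilities(line)
    mechs = {c[len("AUTH="):] for c in caps if c.startswith("AUTH=")}
    if tls_active:
        return "encrypted"
    if "STARTTLS" in caps:
        return "starttls"
    if mechs - PASSWORD_ON_WIRE:
        return "challenge-response"
    if "LOGINDISABLED" in caps and not mechs:
        return "refused"
    return "cleartext"

# Constructed sample responses, not captured from any real server.
SAMPLES = {
    "no ssl, no secure auth": "* CAPABILITY IMAP4rev1",
    "plaintext SASL only": "* CAPABILITY IMAP4rev1 AUTH=PLAIN AUTH=LOGIN",
    "CRAM-MD5 offered": "* CAPABILITY IMAP4rev1 AUTH=CRAM-MD5 AUTH=PLAIN",
    "TLS upgrade offered": "* CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED",
}

if __name__ == "__main__":
    for label, line in SAMPLES.items():
        print(f"{label:24} -> {password_exposure(line)}")
```

Only the first two samples fall into the case argued about in this thread; a capability list read over an unencrypted connection can itself be altered in transit, so a client policy that requires TLS is stronger than one that merely prefers it.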