Re: What is the likelihood of password sniffing ?
From: Superbo Barnetta (gotslack_at_home.yes)
Date: 10/24/03
- Previous message: Bill Unruh: "Re: What is going on with Micros**t?"
- In reply to: Colonel Flagg: "Re: What is the likelihood of password sniffing ?"
- Next in thread: Dave Korn: "Re: What is the likelihood of password sniffing ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 24 Oct 2003 10:39:49 +0100
On Thu, 23 Oct 2003 23:50:04 -0400, Colonel Flagg wrote:
> In article <TsKdnW-v_4t_EgqiRVn-vg@giganews.com>, superbo@barnetta.not
> says...
>>
>> "Colonel Flagg" <colonel_flagg@NOSOUPFORJ00internetwarzone.org> wrote in
>> message news:MPG.1a00eb4be5349b77989b59@news.charter.net...
>> > In article <ZdOdneNF9t8vfQuiRVn-sw@giganews.com>, superbo@barnetta.not
>> > says...
>> > > Hello,
>> > >
>> > > When a lot of us send and receive email, we use 'clear text' passwords.
>> Not
>> > > all do this, but a great many I suspect do. Who has the means to capture
>> > > this un-encrypted information ?
>> > >
>> >
>> > anyone with a shell account on your mail server, anyone with access to a
>> > network appliance along the way, especially local access to a monitor
>> > port.
>> >
>>
>> Thanks Colonel. So each of the 'hops' to a typical POP3 server, has the
>> potential to grab a clear text password ?
>>
>> If that's so, it's what I thought might happen. If someone did snag the
>> password, they'd be most likely to just download copies of emails, rather
>> than use the default 'delete from server after retrieval' POP3 way of doing
>> things. Someone might get suspicious otherwise that they'd never received
>> mails when a site/friend told them they'd got mail coming.
>>
>> Scary isn't it ? Anyone could be doing it, and you'd just never know ...
>>
>> Thanks again.
>>
>> SB.
>
>
> I haven't tested this on many email servers, but on the few I've looked
> into, I've noticed that if you "do not delete" from the server, the
> messages are marked as "read", therefore, if bad-guy-client downloads
> prior to your download, he'll more than likely mark the message as read,
> so when you download it, it won't show as "unread". In Eudora in
> particular with the little blue ball on the left of the message pane,
> the blue ball is absent from messages downloaded from the server by
> another client, prior to when Eudora pulls the message. This is a good
> indicator that another client has already viewed the emails, and a good
> indicator to change your password.
Good tips there, I hadn't thought of the 'marking read' bit.
Cheers.
SB.
- Previous message: Bill Unruh: "Re: What is going on with Micros**t?"
- In reply to: Colonel Flagg: "Re: What is the likelihood of password sniffing ?"
- Next in thread: Dave Korn: "Re: What is the likelihood of password sniffing ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
