Security Basics mailing list archives
Re: POP3 passwords
From: Francisco Andrades <fandrades () nextj com>
Date: Tue, 21 Oct 2003 14:59:06 -0400
Steve McLaughlin wrote:
Would it be possible to spoof the IP of the POP3 server to the mail client over the internet from a dummy mail server, using say, Packit, and then, sniff the packets hitting the LAN card?
100% doable. In fact you can use ARP spoofing to redirect any communication through a sniffer. That includes telnet, ftp, POP3, IMAP, TLS/SSL, SSH (of course, in the case of secure protocols it's of no use because you receive encrypted streams).
-----Original Message-----From: Dave Killion [mailto:Dkillion () netscreen com] Sent: Tuesday, 21 October 2003 4:50 AMTo: 'Zachary Mutrux'; Security-Basics Subject: RE: POP3 passwords Zac, Well, you're right - people don't think much about POP3 passwords, but they should. POP3/S is a solution, but not many people support it or know how to use it. The people who do know typically are the ones who check their email via SSH and mutt anyway.
-- Francisco Andrades Grassi www.nextj.com Tlf: +58-414-125-7415 ---------------------------------------------------------------------------Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_031021 ----------------------------------------------------------------------------
Current thread:
- Re: POP3 passwords, (continued)
- Re: POP3 passwords Tomas Wolf (Oct 20)
- Re: POP3 passwords Francisco Andrades (Oct 20)
- Re: POP3 passwords Simon Gray (Oct 20)
- Re: POP3 passwords Francisco Andrades (Oct 20)
- Re: POP3 passwords Todd Troxell (Oct 20)
- Re: POP3 passwords JGrimshaw (Oct 20)
- Re: POP3 passwords Hendra Santosa (Oct 21)
- RE: POP3 passwords Dave Killion (Oct 20)
- Re: POP3 passwords Meritt James (Oct 20)
- RE: POP3 passwords Steve McLaughlin (Oct 21)
- Re: POP3 passwords Francisco Andrades (Oct 21)
- Re: POP3 passwords Simon Garner (Oct 21)
- RE: POP3 passwords Golden_Eternity (Oct 22)
- Re: POP3 passwords Tomas Wolf (Oct 20)
- RE: POP3 passwords Chris Merkel (Oct 20)
- RE: POP3 passwords Keller, Tim (Oct 20)
- Re: FW: POP3 passwords Sec1 (Oct 20)
- RE: POP3 passwords Dave Killion (Oct 21)
- Re: POP3 passwords Phillip McCollum (Oct 22)