Security Basics mailing list archives

RE: Sniffing packets in Exchange <-> Outlook scenario

From: "Faisal Masood" <faisyuet () wol net pk>
Date: Fri, 3 Oct 2003 02:01:54 +0500

If you are using email accounts as POP3 in MS Outlook, then its is
possible for others to retrieve your password. 

One such tool is PStoreView available at:
http://ntsecurity.nu/toolbox/pstoreview/


It allows users to view their IE, outlook stored passwords. 

There are situations where Exchange RPC is not a good choice. There you
have to check your mails using POP3. Then how can one protect from such
password tools?


Regards

Faisal Masood
Lahore


-----Original Message-----
From: Ruiz Cifuentes, Rolando Matias (CL - Santiago)
[mailto:rruiz () deloitte cl] 
Sent: Thursday, October 02, 2003 7:37 PM
To: security-basics () securityfocus com
Subject: Sniffing packets in Exchange <-> Outlook scenario

Do someone know what protocol does Exchange <-> Outlook use? May someone
sniff that packets and decode them? (how? or with what?)

I'm pretty sure that it's not that easy, because when i sniff my net i
get
some "MS/DCE RPC Protocol v5.0" comunication between my machine and my
exchange server, and it's not plain text.

It's this safe enough?

I'm not interested in the Exchange <-> RestOfTheWorld scenario, i'm just
looking the first one.

thanks for your help

------------------------------------------------------------------------
---
------------------------------------------------------------------------
----



---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Sniffing packets in Exchange <-> Outlook scenario Ruiz Cifuentes, Rolando Matias (CL - Santiago) (Oct 02)
- RE: Sniffing packets in Exchange <-> Outlook scenario Faisal Masood (Oct 02)