Security Basics mailing list archives
RE: Sniffing packets in Exchange <-> Outlook scenario
From: "Faisal Masood" <faisyuet () wol net pk>
Date: Fri, 3 Oct 2003 02:01:54 +0500
If you are using email accounts as POP3 in MS Outlook, then its is possible for others to retrieve your password. One such tool is PStoreView available at: http://ntsecurity.nu/toolbox/pstoreview/ It allows users to view their IE, outlook stored passwords. There are situations where Exchange RPC is not a good choice. There you have to check your mails using POP3. Then how can one protect from such password tools? Regards Faisal Masood Lahore -----Original Message----- From: Ruiz Cifuentes, Rolando Matias (CL - Santiago) [mailto:rruiz () deloitte cl] Sent: Thursday, October 02, 2003 7:37 PM To: security-basics () securityfocus com Subject: Sniffing packets in Exchange <-> Outlook scenario Do someone know what protocol does Exchange <-> Outlook use? May someone sniff that packets and decode them? (how? or with what?) I'm pretty sure that it's not that easy, because when i sniff my net i get some "MS/DCE RPC Protocol v5.0" comunication between my machine and my exchange server, and it's not plain text. It's this safe enough? I'm not interested in the Exchange <-> RestOfTheWorld scenario, i'm just looking the first one. thanks for your help ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Sniffing packets in Exchange <-> Outlook scenario Ruiz Cifuentes, Rolando Matias (CL - Santiago) (Oct 02)
- RE: Sniffing packets in Exchange <-> Outlook scenario Faisal Masood (Oct 02)