Security Basics mailing list archives
Re: FW: POP3 passwords
From: Sec1 () webmetoo com
Date: Mon, 20 Oct 2003 16:43:43 -0400
They probably figure it isn't worth the time to go through all the spam emails on the account to get to something usefull enough to warrant the sniff.
-----Original Message----- From: JGrimshaw () ASAP com [mailto:JGrimshaw () ASAP com] Sent: Monday, October 20, 2003 12:22 PM To: Zachary Mutrux Cc: Security-Basics Subject: Re: POP3 passwords Since most people are still dial-up, the odds of someone tapping into their phone line with the intent to steal their POP3 passwords are not very good...it's a point-to-point connection. Same goes for DSL connectivity. That is generally a point-to-point connection, at least as far as I have seen. Since you have to be physically on the subnet to sniff it and start packet capturing (in a wired world, at least), that minimizes a threat. Broadband like a cable modem, on the other hand, is indeed wide open. Why it's not such a big problem, I don't know. Perhaps the miscreants are having more fun examining unprotected local shares on windows boxes, and just stealing the Outlook PST files directly. "Zachary Mutrux" <zmutrux () compumentor org> 10/17/2003 06:40 PM To "Security-Basics" <security-basics () securityfocus com> cc Subject POP3 passwords Why has it not been a bigger problem that POP3 passwords are unencrypted when sent over the public Internet? Seems like they would be pretty easy for a miscreant to steal. zm -- Zac Mutrux Technology Consultant CompuMentor 415-633-9437 --------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015 ----------------------------------------------------------------------------
--------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015 ----------------------------------------------------------------------------
Current thread:
- Re: POP3 passwords, (continued)
- Re: POP3 passwords JGrimshaw (Oct 20)
- Re: POP3 passwords Hendra Santosa (Oct 21)
- RE: POP3 passwords Dave Killion (Oct 20)
- Re: POP3 passwords Meritt James (Oct 20)
- RE: POP3 passwords Steve McLaughlin (Oct 21)
- Re: POP3 passwords Francisco Andrades (Oct 21)
- Re: POP3 passwords Simon Garner (Oct 21)
- RE: POP3 passwords Golden_Eternity (Oct 22)
- RE: POP3 passwords Chris Merkel (Oct 20)
- RE: POP3 passwords Keller, Tim (Oct 20)
- Re: FW: POP3 passwords Sec1 (Oct 20)
- RE: POP3 passwords Dave Killion (Oct 21)
- Re: POP3 passwords Phillip McCollum (Oct 22)