l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 7: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2001 Dec 30 17:11

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Secure Email Access (fetchmail and ssh)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Secure Email Access (fetchmail and ssh)




> On Fri, Oct 12, 2001 at 12:09:08AM -0700, ME wrote:
[chop]
> > Some people have encountered problems like this and found ssh-ing to
> > an on-campus host "close" to the pop3 server, and then relaying the
> > request using the insecure pop-authentication (plain-text across the
> > net, but only between the on-campus hosts nstead of being bounced
> > across a larger network.)
[chop]

On Sat, 13 Oct 2001, Matt Roper wrote:
[chop]
> The mail servers can be reached in just a single hop from
> the isun systems which I have a shell account on.  In order for somebody
> to sniff my password being transmitted from isun to the mail server,
> they'd have to have root access on some computer in that subnet, right?
[chop]

(I kind-of figure this is a rhetorical question, so this is a rhetorical
answer ;-)

Yes/no. For certain OS, there is little/no user structure with a root or
admin and general user=root

If the network is a switched network between the two hosts, then you have
a higher level of security from sniffing since the sniffer would see
nothing but the first ethernet frame from unknown MAC to unknown
MAC/Broadcast MAC unless the switch was configured (puposefully) to flood
to a sniffer-port with a sniffer running on it, or "break" the switch and
make it into a repeater and then see all traffic (prob result in a
RMON/SNMP trap/trigger if the switch was well set up and notify the
network admin) and then have a sniffer on one of those ports being
flooded.

Heh heh heh... O:>

-ME

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++ 
L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ !PGP
t@-(++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z?
------END GEEK CODE BLOCK------
decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html
     Systems Department Operating Systems Analyst for the SSU Library



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.