4. Protocols

4.1 What protocols are vulnerable to sniffing?
Following is a sampling of typical protocols that are sniffed, especially for passwords.

Telnet and rlogin

Sniffing can capture the keystrokes as the user types them, including the user name and password. A long time ago I wrote a commercial product that would capture all the text and dump it to a terminal emulator, which reconstructed exactly what the end-user was seeing. This basically produced a real-time viewer of the remote user's screen.

HTTP

The default version of HTTP has numerous holes. Many web sites use "Basic" authentication, which sends passwords across the wire in plain-text. Many web sites use another technique which prompts the user for a username and password, which are also sent across the network in plain-text. Data is also sent in clear-text.

SNMP

Almost all SNMP traffic is SNMPv1, which has no good security. SNMP passwords (called community-strings) are sent across the wire in the clear.

NNTP

Passwords sent in the clear. Data sent in the clear.

POP

Passwords sent in the clear. Data sent in the clear.

FTP

Passwords sent in the clear. Data sent in the clear.

IMAP

Passwords sent in the clear. Data sent in the clear.

Note that all of these systems have secure alternatives. When entering things like credit card information, most web sites use SSL encryption rather than normal HTTP. Similarly, S/MIME and PGP can encrypt e-mail at a level higher than e-mail protocols like POP/IMAP/SMTP.
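
Because the protocols above carry credentials in recognisable client commands, a defender can audit captured traffic to find services that still need moving to a secure alternative. The following Python is an added example, not part of the original FAQ: it covers only the line-based cases (FTP, POP, NNTP, IMAP, HTTP Basic), redacts every secret it finds, and assumes standard server ports; the function names and the sample lines are constructed for illustration.

```python
import base64
import binascii
import re

# Assumed standard server port -> (protocol, pattern); group 1 is kept, group 2 is the secret.
RULES = {
    21:  ("FTP",  re.compile(r"^(PASS\s+)(.+)$", re.I)),
    110: ("POP",  re.compile(r"^(PASS\s+)(.+)$", re.I)),
    119: ("NNTP", re.compile(r"^(AUTHINFO\s+PASS\s+)(.+)$", re.I)),
    143: ("IMAP", re.compile(r"^(\S+\s+LOGIN\s+\S+\s+)(.+)$", re.I)),
    80:  ("HTTP", re.compile(r"^(Authorization:\s*Basic\s+)(\S+)$", re.I)),
}

def is_basic_credential(token):
    """Basic auth is base64 of 'user:password': an encoding, not encryption."""
    try:
        return b":" in base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return False

def audit(records):
    """Return (protocol, redacted_line) for each cleartext credential seen."""
    findings = []
    for port, line in records:
        protocol, pattern = RULES.get(port, (None, None))
        match = pattern and pattern.match(line.strip())
        if not match:
            continue
        if protocol == "HTTP" and not is_basic_credential(match.group(2)):
            continue
        findings.append((protocol, match.group(1) + "[REDACTED]"))
    return findings

# Constructed sample: (server port, one line of client payload).
SAMPLE = [
    (21, "USER alice"),
    (21, "PASS example-ftp-secret"),
    (110, "PASS example-pop-secret"),
    (119, "AUTHINFO PASS example-nntp-secret"),
    (143, "a001 LOGIN alice example-imap-secret"),
    (80, "Authorization: Basic YWxpY2U6ZXhhbXBsZQ=="),
    (80, "Authorization: Bearer abc.def.ghi"),
    (443, "PASS not-inspected"),
]

if __name__ == "__main__":
    for protocol, line in audit(SAMPLE):
        print(f"{protocol}: cleartext credential on the wire -> {line}")
```

Telnet and SNMPv1 are left out because Telnet sends keystrokes one at a time and SNMP is a binary encoding, so neither fits a line-matching rule.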

   
