Re: [Plug] Microsoft Striks Again

Nick R on 1999年8月31日 15:55:51 -0400 (EDT)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [Plug] Microsoft Striks Again

From: "Nick R" <laktar@hotmail.com>
To: plug@lists.nothinbut.net
Subject: Re: [Plug] Microsoft Striks Again
Date: 1999年8月31日 12:55:07 PDT
Reply-to: plug@lists.nothinbut.net
Sender: plug-admin@lists.nothinbut.net

Well if you're dialing in from your PC at home, then you can't really do that to a person, but even if you do capture anything, you only get what they access, not the password (unless you use a really bad system where it's part of the URL like hotmail, though it doesn't seem to happen to me like that).

 -Laktar, a.k.a. Nick Rosen, laktar.dyndns.org

If I Ever Became An Evil Overlord: 95. My dungeon will have its own qualified medical staff complete with bodyguards. That way if a prisoner becomes sick and his cellmate tells the guard it's an emergency, the guard will fetch a trauma team instead of opening up the cell for a look. -- Peter's Evil Overlord List, http://www.eviloverlord.com/lists/overlord.html

From: "Michael W. Ryan" <mryan@netaxs.com>
Reply-To: plug@lists.nothinbut.net
To: plug@lists.nothinbut.net
Subject: Re: [Plug] Microsoft Striks Again
Date: 1999年8月31日 09:06:06 -0400 (EDT)

On 1999年8月31日, Morgan Wajda-Levie wrote:

> The only problem I have with this and a lot of other coverage of the
> cracking is that it makes the assumption that e-mail normally is
> secure. The hotmail cracking makes things a lot easier, but reading
> other people's e-mail is still a juvenile task, as is faking their
> address. That's what pgp is for.

I have to agree, especially when it's using a clear text protocol like
HTTP. If you'd like to see it for yourself, just install a decent
packet-capturing utility on your system. Just start capturing packets,
and have someone access a web page, and you'll see. I demonstrated this
to a student in my NT class with the Network Monitor utility from SMS, and
his access to his college's web-based email.

Michael W. Ryan, MCP, MCT | OTAKON 1999
mryan@netaxs.com | Convention of Otaku Generation
http://www.netaxs.com/~mryan/ | http://www.otakon.com/

PGP fingerprint: 7B E5 75 7F 24 EE 19 35 A5 DF C3 45 27 B5 DB DF
PGP public key available by fingering mryan@unix.netaxs.com (use -l opt)


_______________________________________________
Plug maillist - Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug


______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

_______________________________________________
Plug maillist - Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug

Follow-Ups:
- Re: [Plug] Microsoft Striks Again
  - From: Kyle Burton <mortis@voicenet.com>

Prev by Date: Re: [Plug] Log rotating
Next by Date: Re: [Plug] Microsoft Striks Again
Previous by thread: RE: [Plug] What's the deal with Freshmeat.net?
Next by thread: Re: [Plug] Microsoft Striks Again
Index(es):
- Date
- Thread