Firewalls: Re: POP3 Security

Firewalls
(March 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: POP3 Security
From:	Bernd Eckenfels <lists @ lina . inka . de>
Date:	Tue, 4 Mar 1997 03:02:56 +0100
To:	firewalls @ greatcircle . com
In-reply-to:	<199703031442 . OAA01651 @ h01 . scientia . com>; from Ian Miller on Mar 03, 1997 at 02:42:25PM +0000
References:	<199703031442 . OAA01651 @ h01 . scientia . com>

Hi,

> If you are using username/password POP3 logins, you have very weak security
> in any case as anyone logging in from a remote provider may be eavesdropped
> on that remote provider compromising the password.

Well. As long as the Password is not your login password it is not that
critical. If a hacker can't guess your password, he can still sniff all of
your mails. (Thats exactly the thing he would dowith your sniffed password).

I still wonder why netscape has invited ssl-news but no ssl-pop... IMHO this
is completely ..umm.. doubtfull :)

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels @
 Wittumstrasse13 .
 76646Bruchsal .
 de --
 ( .. )  ecki @
 {inka .
 de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes @
 irc  +4972573817  BE5-RIPE
(O____O)       If privacy is outlawed only Outlaws have privacy

References:

Re: POP3 Security
From: Ian Miller <firewalls @ scientia . com>

Indexed By Date	Previous:	Re: plug-in From: Richard Hoffbeck <rwh @ visi . com>
Indexed By Date	Next:	Re: Linux VS FreeBSD as firewall / router From: Adam Shostack <adam @ homeport . org>
Indexed By Thread	Previous:	Re: POP3 Security From: Ian Miller <firewalls @ scientia . com>
Indexed By Thread	Next:	UDP canceled by ISP From: Christian ALT <calt @ tla . ch>