From owner-freebsd-isp Tue Mar 14 13:48: 0 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.alpha.net.au (mail2.alpha.net.au [203.41.44.8]) by hub.freebsd.org (Postfix) with ESMTP id 9C33F37B773 for ; Tue, 14 Mar 2000 13:47:55 -0800 (PST) (envelope-from dannyh@idx.com.au) Received: from freebsd.freebsd.org (surry-pool-164.alpha.net.au [203.41.44.164] (may be forged)) by mail.alpha.net.au (8.9.3/8.9.3) with SMTP id IAA21314; Wed, 15 Mar 2000 08:48:05 +1100 From: Danny To: "Leif Neland" , "Leif Neland" , Subject: Re: Is passwords send to auth webpages secure? Date: Thu, 16 Mar 2000 08:49:41 +1100 X-Mailer: KMail [version 1.0.21] Content-Type: text/plain References: <010f01bf8d42$efda91e0$0e00a8c0@neland.dk> MIME-Version: 1.0 Message-Id: <00031608504402.00323@freebsd.freebsd.org> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The tool for the job like NIS or Kerbros?? Looking forward to your feedback. dannyh dannyh@idx.com.au On Tue, 14 Mar 2000, Leif Neland wrote: > I have set a squid proxy to use samba_auth (When somebody is trying to use the proxyserver, they are presented with a normal browser-popup, and are prompted for a login/password. This is their NT-login/passwd, and if they are allowed to read a file on the NT with this login/pwd, they are granted access to the squid proxy). > > Now I have been asked if the passwords from browser to squid is sent in cleartext, so it can be sniffed? > > If so, this is an argument to get swiches instead of hubs... > > Leif > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message