Date: Sun, 25 Nov 2001 18:16:30 +0100 (CET) From: Wouter Van Hemel <wouter@fort-knox.rave.org> To: Agung <masagung@divre2.telkom.co.id> Cc: doc@FreeBSD.org Subject: Re: how 2 secure Message-ID: <Pine.LNX.4.41.0111251752180.21188-100000@fort-knox.rave.org> In-Reply-To: <001101c175c1$387341a0$6610053d@telkom>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 25 Nov 2001, Agung wrote: > Hello, > > I've used freebsd for my webserver. Could you tell me what is sniffing, > and how it work. then how to prevent with my freebsd. thank you. > That's not really the purpose of this list, you'd be better off asking questions to freebsd-questions@freebsd.org. This list is for discussion of documentation (or the lack thereof). But since I'm replying anyway, I'll try to answer your question. Tradionally, all data that gets sent over the net, happens in cleartext. This means, anybody on the same network as you, can almost literally see the characters passing on the network. It's a bit like having two phones on one line at home, while one's talking, the other can secretly follow the conversation with the other phone. Usually, this isn't that much of a problem, since .. well, most data isn't that important. But this changes when you send out something confidential over the network, such as a private email, your creditcard number, or even your system passwords. That's why people tend to encrypt the entire line, from your computer, over all routers on the net, all the way until it reaches the recipient. That way, nobody can listen in on what you (your computer) is saying to the other side. It's wise to log in using ssh, for example. Ssh encodes your password and data, so it can't be 'sniffed', it can't be read by someone between the two points of communication. Another application is (open)ssl, the Secure Sockets Layer. This finds use in webbrowsers (https) and maildaemons (e.g. sendmail). If you have confidential data that needs to be send over the web (suck as credit cards), set up an https server. If you receive or send very confidential emails, you might want to set sendmail up with ssl, too; keep in mind that all maildaemons have to be able to understand it, though, so I think you'd be better off using pgp/gpg. Using a https-server or enabling ssl in sendmail might be overkill; use your own judgement. But I strongly advise you to use ssh. Kind regards, wouter PS: please don't reply to this list To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.41.0111251752180.21188-100000>