From: "Andrew C. Hornback"
To: "Ted Mittelstaedt", "Greg Lehey"
Subject: RE: Remotely Exploitable telnetd bug
Date: Wed, 15 Aug 2001 14:29:50 -0400
Message-ID: <009101c125b8$450d6340$0e00000a@tomcat>
In-Reply-To: <001101c12567$0d51ac00$1401a8c0@tedm.placo.com>

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Ted
> Mittelstaedt
> Sent: Wednesday, August 15, 2001 4:48 AM
> To: Greg Lehey
> Cc: Ryan Thompson; William Nunn; freebsd-questions@FreeBSD.org
> Subject: RE: Remotely Exploitable telnetd bug
>
> Actually, if you think about it, POP3 is not as much a problem. Look at it
> this way. What is transferred over POP3? E-mail. How does that E-mail
> get there to be transferred? SMTP mostly.
>
> Now, if an attacker wanted to sniff your e-mail, all he needs to do is sniff
> the incoming SMTP; he doesn't need to bother looking at the POP3 session
> at all. Sure, POP3 does pass the password in the clear - but all the POP3
> password gets the attacker is access to your mailbox, and that just lets
> him steal your mail. If you're frequently checking e-mail then it's unlikely
> he could make off with the bulk of your incoming e-mail without causing
> noticeable trouble, since POP servers don't permit concurrent access to
> the mailbox.

Ted, et al...

I think what might be a "hang up" about this with someone just sniffing your POP3 and then trying to steal your mail would be in situations similar to some of the ISPs that I've used in this area. In those instances, your login password for your dial-up connection and shell account is the same as the password that you have to send to retrieve your e-mail. In that instance, having someone sniff your password out could be very detrimental to your account's longevity. Especially when said password is then used to gain access to and hack the host machine.

--- Andy
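The thread turns on POP3 sending its password in the clear and on that same password also guarding the dial-up and shell login. The following is an added example, not part of the original messages: a small audit that classifies how a captured POP3 session authenticated and redacts the password. The sample transcripts are constructed, the function name `audit_pop3` is hypothetical, and APOP (RFC 1939) and STLS (RFC 2595) are POP3 mechanisms the thread itself does not mention.

```python
# Constructed sample sessions: "C:" is the client, "S:" is the server.
CLEARTEXT_SESSION = """\
S: +OK POP3 server ready
C: USER andy
S: +OK
C: PASS example-password
S: +OK mailbox locked and ready
C: QUIT
"""
APOP_SESSION = """\
S: +OK POP3 server ready <1234.5678@mail.example.net>
C: APOP andy 0123456789abcdef0123456789abcdef
S: +OK mailbox locked and ready
"""
STLS_SESSION = """\
S: +OK POP3 server ready
C: STLS
S: +OK Begin TLS negotiation
"""

def audit_pop3(transcript):
    """Classify the authentication seen in a POP3 transcript.

    Returns auth = 'cleartext' | 'apop' | 'tls' | 'none', the user name if
    visible, and a copy of the transcript with any PASS argument redacted.
    """
    result = {"auth": "none", "user": None, "redacted": []}
    last_cmd = None
    for line in transcript.splitlines():
        side, sep, text = line.partition(": ")
        if not sep:                      # not a "C: "/"S: " line, keep as is
            result["redacted"].append(line)
            continue
        if side == "C":
            cmd, _, arg = text.partition(" ")
            last_cmd = cmd.upper()
            if last_cmd == "USER":
                result["user"] = arg
            elif last_cmd == "PASS":
                # The secret crossed the wire even if the server answers -ERR.
                result["auth"] = "cleartext"
                text = "PASS <redacted>"
            elif last_cmd == "APOP":
                result["user"] = arg.split(" ")[0]
                result["auth"] = "apop"  # digest of a shared secret, no password
        elif side == "S" and last_cmd == "STLS" and text.startswith("+OK"):
            result["auth"] = "tls"       # everything after this is encrypted
            result["redacted"].append(line)
            break
        result["redacted"].append(f"{side}: {text}")
    return result
```

A `cleartext` result for an account whose POP3 password is also its shell or dial-up password is the case Andy describes, and is the one to prioritise for a password change and a move to an encrypted or digest login.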