From owner-freebsd-security Fri Jan 5 12:24:10 2001 From owner-freebsd-security@FreeBSD.ORG Fri Jan 5 12:24:07 2001 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from clmboh1-smtp3.columbus.rr.com (unknown [65.24.0.112]) by hub.freebsd.org (Postfix) with ESMTP id 9A86A37B400; Fri, 5 Jan 2001 12:24:06 -0800 (PST) Received: from mail.iowna.com (dhcp065-024-023-038.columbus.rr.com [65.24.23.38]) by clmboh1-smtp3.columbus.rr.com (8.9.3/8.9.3) with ESMTP id PAA05868; Fri, 5 Jan 2001 15:21:49 -0500 (EST) Sender: wmoran@clmboh1-smtp3.columbus.rr.com Message-ID: <3A562C77.8E67B7AE@mail.iowna.com> Date: Fri, 05 Jan 2001 15:20:07 -0500 From: Bill Moran X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Artem Koutchine Cc: security@FreeBSD.ORG, questions@FreeBSD.ORG Subject: Re: Antisniffer measures (digest of posts) References: <000701c07750$eb585e60$0c00a8c0@ipform.ru> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Artem Koutchine wrote: > Well, let me remind the situtation. I have a very heterogenic network: > FreeBSD, Linux, Win9x, WinME, WInNT, WIn2000. Now they are all > connected with hubs, which allows sniffer to run and obtain all the mail > and web password easily. I need to stop it. If you want to replace hubs with switches, you're going to need to replace EVERY ONE! I don't know how many that is for you. If it's only POP3 & HTML passwords you're worried about, why not switch your mail server to a secure auth protocol. I think APOP does this (not sure) and use HTTPS on any web pages that have passwords? -Bill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message