Guest joehill Posted April 3, 2003 Report Share Posted April 3, 2003 So I am experimenting with Snort, kinda cool, and I notice in the streams that I can see fetchmail dutifully going to my pop3 server and retrieving my mail. I notice of course that I can see the user and pass being transmitted. So basically anyone running a sniffer and who knew the external address of my router/firewall could sniff those passwords? I am not an overly paranoid person, but is there a more secure way to do this? Is is the same with POP3, anyone with a sniffer could snag your passwords? Quote Link to comment Share on other sites More sharing options...
Guest dturley Posted April 3, 2003 Report Share Posted April 3, 2003 all pop3 password go in the clear. Unless you find a real ISP that lets use use APOP, SSL or ssh tunneling to get your mail, you're stuck with that. Quote Link to comment Share on other sites More sharing options...
Relic2K Posted April 30, 2003 Report Share Posted April 30, 2003 So I am experimenting with Snort, kinda cool, and I notice in the streams that I can see fetchmail dutifully going to my pop3 server and retrieving my mail. I notice of course that I can see the user and pass being transmitted. So basically anyone running a sniffer and who knew the external address of my router/firewall could sniff those passwords? I am not an overly paranoid person, but is there a more secure way to do this? Is is the same with POP3, anyone with a sniffer could snag your passwords? If you wanted to, you can tunnel fetchmail via SSH so that everything is encrypted and could not be sniffed. Snort is a very powerful tool, and I couldn't live with out it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.