Subject: Microsoft announces new ways to bypass security controls Date: Sun, Sep 14, 2003 at 10:03:32PM -0400 Quoting Sean Donelan (sean@donelan.com):
Of course, Microsoft isn't the only one with mail protocol security weaknesses.
POP3 is probably responsible for more cleartext passwords being transmitted over the Internet than any other network protocol.
That statement is nicely supported by my dnsiff logs from various networking conferences -- the top three have always been: POP webmail without SSL other http apps without SSL. Below this we see IMAP, IM, telnet (rare) and a storm of snmp from windows machines trying to manage HP printers. -- Måns Nilsson Systems Specialist +46 70 681 7204 KTHNOC MN1334-RIPE Send your questions to ``ASK ZIPPY'', Box 40474, San Francisco, CA 94140, USA