dugsongMONKEY.ORG

• Next message: Microsoft Product Security: "Microsoft Security Bulletin (MS00-023)"
• Previous message: Steve Topilnycky: "Re: FW:PcAnywhere weak password encryption"
• In reply to: Steve Topilnycky: "Re: FW:PcAnywhere weak password encryption"
• Next in thread: Steve Topilnycky: "Re: FW:PcAnywhere weak password encryption"
• Reply: Dug Song: "Re: FW:PcAnywhere weak password encryption"
• Reply: Steve Topilnycky: "Re: FW:PcAnywhere weak password encryption"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 12 Apr 2000, Steve Topilnycky wrote:

> Title: 'Protecting pcAnywhere Logins and Passwords'
> http://service1.symantec.com/SUPPORT/pca.nsf/docid/1999031209465812&src=w

 "pcAnywhere takes steps to prevent exposing the login and password
  while establishing a remote session by transmitting this information
  using whichever encryption level has been selected. However, if
  encryption is turned off, that information is passed in the clear.
  For this reason, the default encryption level is pcAnywhere encryption."

fwiw, dsniff now handles both cases - cleartext, and pcAnywhere-encrypted.

           http://www.monkey.org/~dugsong/dsniff/

-d.

---
http://www.monkey.org/~dugsong/
_____________________________________________________________________
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net

• Next message: Microsoft Product Security: "Microsoft Security Bulletin (MS00-023)"
• Previous message: Steve Topilnycky: "Re: FW:PcAnywhere weak password encryption"
• In reply to: Steve Topilnycky: "Re: FW:PcAnywhere weak password encryption"
• Next in thread: Steve Topilnycky: "Re: FW:PcAnywhere weak password encryption"
• Reply: Dug Song: "Re: FW:PcAnywhere weak password encryption"
• Reply: Steve Topilnycky: "Re: FW:PcAnywhere weak password encryption"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]