[2670] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Not so much a bug as a warning of new brute force attack

daemon@ATHENA.MIT.EDU (Dave Hayes)
Tue Jun 4 18:34:44 1996

Date:         Tue, 4 Jun 1996 13:20:17 -0700
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Dave Hayes <dave@kachina.jetcafe.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>

Seguridad <cdcsegu2@cdcnet.uniandes.edu.co> writes about POP3 attacks:
>I think the solution isnt disable this port, the solution is just limit
>the number of tries to enter the valid user/password (3 times max)..

My solution was to decouple the POP passwords from the account
passwords by having a separate POP password file.

However, isn't there a safer way of sending passwords over the network?
What's up with CHAP?
------
Dave Hayes - Altadena CA, USA - dave@jetcafe.org
Freedom Knight of Usenet - http://www.jetcafe.org/~dave/usenet

           What we see depends on mainly what we look for.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2670] in bugtraq

Re: Not so much a bug as a warning of new brute force attack

daemon@ATHENA.MIT.EDU (Dave Hayes)Tue Jun 4 18:34:44 1996

daemon@ATHENA.MIT.EDU (Dave Hayes)
Tue Jun 4 18:34:44 1996