On Tue, Aug 27, 2002 at 08:36:40PM -0700, Nick Jacobsen wrote: > it supports SSH(Secure Telnet) SSH is not even remotely like "Secure Telnet". > and SSL(HTTPS) decryption and sniffing, as Only if you have the server's keypair. > I guess my main point is that if you are having your users log in using > "secure log in" for the express reason of making it so their password cannot > be sniffed, it is pointless, as anyone can STILL sniff it! There's a higher difficulty level involved with MITM attacks, and measures can be taken to prevent and/or recognize such attacks. SSL is not a panacea, but it's a useful layer of security. The fact that MITM attacks exist is not proper rationale for abandoning the use of encryption.
This archive was generated by hypermail 2b30 : Tue Aug 27 2002 - 21:09:43 PDT