My Bad. The RSA Certificate was for the Passport account. MSN Messenger uses an MD5 hash. Still more secure than most e-mail accounts.
""Steven A. Ridder"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I hate to break it to you, but almost all e-mail isn't encrypted either. > The log on info to MSN Messenger is not clear text. The messages are. I > sniffed MSN Messenger and it's an RSA certificate. I think you mean I can > sniff most pop accounts and see the username and password, not MSN > Messenger. > > > > ""David Tran"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > >The messages are usually smaller than e-mail. And > > > no they aren't insecure (well besides the gaping hole AIM just patched). > > A > > > stateful firewall or CBAC can stop session hijacking. > > > > It is the statement like this that makes me almost fall off my chair. > What > > planet > > are you coming from? What make you think that these IM is secured > > (excluding > > the gapping hole in AIM). Remember, you have to connect the client to an > > external IM server, the information is traveling in "clear text" including > > your > > username and password. What makes you think that these IM servers are > > secure? Furthermore, your communication can be monitored by a third > party. > > CBAC or stateful Firewall can not prevent this because your session is > being > > monitored on the IM servers. There is nothing that your firewall can do. > > If > > hackers successfully hack the IM servers, consider your conversation > > available > > to everybody else. > > > > The best way to secure communication is running IM over Secure Socket > Layer > > (SSL). I've been using jabber over SSL for a few months now and it is > > working great. You want something secure, build your own jabber server, > run > > the > > service over SSL and have your buddies to connect to your jabber IM server > > for > > secure communication. Jabber server is a freeware available on Linux > > platform. > > > > ----- Original Message ----- > > From: "Steven A. Ridder" > > To: > > Sent: Sunday, January 06, 2002 11:38 AM > > Subject: Re: How to block MSN, and others. [7:31057] > > > > > > > I can't imagine the problem with Messenger apps. I feel that instant > > > communication can be handy at times. Sometimes I hate waiting for an > > e-mail > > > response, and a messenger service fits that niche nicely. And no, they > > > don't waste bandwidth. The messages are usually smaller than e-mail. > And > > > no they aren't insecure (well besides the gaping hole AIM just patched). > > A > > > stateful firewall or CBAC can stop session hijacking. > > > > > > I don't use instant messaging at all (except for e-bay alerts and > traffic > > > updates) but I see huge potential for IM and I bet that messaging will > > only > > > get more ubiquitous as the years go by. So try and live with it instaed > > of > > > fighting it all the time. > > > -- > > > > > > RFC 1149 Compliant. > > > > > > > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=31073&t=31057 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
