Tony Hoyle wrote: > On Wed, 20 Feb 2002 09:53:45 +0000 (UTC), "Koen" <[EMAIL PROTECTED]> > wrote: > > If you're that bothered about security then pserver is the *worst* > protocol to choose as the passwords are trivially decrypted. Kerberos > or SSH are needed for that level of security. sspi is a good middle > ground - you can in theory crack the NT passwords (they're MD5'd I > believe) but it would take a couple of weeks on a fast machine > provided you don't use passwords that aren't susceptible to a > dictionary attack.
Tony, do NTSERVER & SSPI modes really send a hashed version of the password? Thanks, Brian _______________________________________________ Cvsnt mailing list [EMAIL PROTECTED] http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
