On Tue, 2003-10-28 at 11:30, Payal Rathod wrote: > > Localhost<--Encrypted ssh tunnel-->myshell.com<--Clear text pop3-->softhome.net > > But then the password is still travelled through plain text from > myshell.com to softhome.net
Yup. > Then what is the use of encryppted tunnel? Something is better than nothing. IMHO, the most convenient place for sniffing is on a lan. Once your packets are through to your ISP, they would most probably go through hardware routers, switches and other devices not usually famous in sniffing for malicious intent but thats being optimistic. Point is that instead of passing stuff completely in cleartext end-to-end, you encrypt it through half of its journey hence giving you *some* amount of protection. > Can I establish an enrypted tunnel directly from my machine? Not if your mail provider does not give you a shell OR some kind of mechanism to initiate/receive encrypted sessions. Understand that if you are encrypting something on the wire, the other end has to be able to decrypt it to be able to make any sense of it. In case of most of the free mail providers, this is non existent except for the web based interfaces. BTW, if your session is not being encrypted and someone is sniffing on the wire, (s)he does not need the password to read your mail transactions as its all going in and out in cleartext anyway. :) VaibhaV http://vsharma.net ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
