On Fri, 30 Nov 2001, Gary McKinney wrote:
[snip]
> One caveat here - make sure you are running 128-bit encryption as there is
> hardware available now that would allow brute-force decryption of 64-bit DES
> in about 48-hours or so... (Ah - the wonders of technology) and do not cost
> a great de
ED]]
> Sent: Thursday, November 29, 2001 2:02 PM
> To: .:[Travis]:.
> Cc: Johannes Verelst; Branko Ivanovic';
> [EMAIL PROTECTED]
> Subject: Re: Squirrel Mail - just how secure it is?
>
>
> Why not just use https (port 443) connections? Just look through the
> apach
Why not just use https (port 443) connections? Just look through the
apache documentation to have it work for SSL and disable access to
squirremail via http (port 80). Then there won't be clear text
passwords. This should be independant of Squirrelmail. SSL is enabled
here on a Redhat 7.2 apac
As opposed to...? Isn't that ALWAYS true? Of EVERYTHING?
[EMAIL PROTECTED] wrote:
>
> ummh well it is not a bad webmail program but security is only as good as
> the administrator who implements it!
[snip]
--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566
ds,
Paul Leroy
-Original Message-
From: Richard Garand [mailto:[EMAIL PROTECTED]]
Sent: 27 November 2001 02:35
To: Branko Ivanovic; [EMAIL PROTECTED]
Subject: Re: Squirrel Mail - just how secure it is?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On November 25, 2001 06:20 am, Branko
On Tue, 27 Nov 2001, .:[Travis]:. wrote:
[snip]
> I consider IMAP insecure, however, I run Squirrel mail on the same
> machine I have the mail server on and while I am running IMAP I simply
> firewall it's services so that no one may access it external to the server
> and allow Squirrel mail
On Tue, 27 Nov 2001, Johannes Verelst wrote:
> Well ... if you consider IMAP insecure, what protocol do you consider
> secure? What is your definition of secure protocols? Reading mail through
> pine & telnet is insecure, pop3 is insecure, webmail through unencrypted
> HTTP is insecure, IMAP is i
ummh well it is not a bad webmail program but security is only as good as
the administrator who implements it! i think ...i got a nice working
version of squirrelmail hasnt given me any problems so far and if you want
a webmail program you have to use some sort of IMAP regardless of how
insecure
On Sun, Nov 25, 2001 at 01:20:28PM +0100, Branko IvanoviU wrote:
> Hello group,
>
> I would like to ask if anyone has some expirience working with or security
> auditing WebMail program, written in PHP, called SquirrelMail. As I can see
> in version 1.06 and 1.2.0rc2 it is using IMAP, which I c
On Sun, 25 Nov 2001, Branko [iso-8859-2] Ivanoviæ wrote:
> Hello group,
>
> I would like to ask if anyone has some expirience working with or security
> auditing WebMail program, written in PHP, called SquirrelMail. As I can see
> in version 1.06 and 1.2.0rc2 it is using IMAP, which I consider as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On November 25, 2001 06:20 am, Branko Ivanović wrote:
> I would like to ask if anyone has some expirience working with or security
> auditing WebMail program, written in PHP, called SquirrelMail. As I can see
> in version 1.06 and 1.2.0rc2 it is using
was not supported.
-Original Message-
From: Branko Ivanovic [mailto:[EMAIL PROTECTED]]
Sent: Sunday, 25 November 2001 11:20 PM
To: [EMAIL PROTECTED]
Subject: Squirrel Mail - just how secure it is?
Hello group,
I would like to ask if anyone has some expirience working with or security
Hello group,
I would like to ask if anyone has some expirience working with or security
auditing WebMail program, written in PHP, called SquirrelMail. As I can see
in version 1.06 and 1.2.0rc2 it is using IMAP, which I consider as highly
insecure protocol. Correct me please if I`m wrong. If it
13 matches
Mail list logo