On Sun, 11 Aug 2002 12:35, Antonio Gallardo Rivera wrote: > How: > With a TCP/IP packet sniffer someone can check the responses from the Web > Server inside your LAN or Internet. When the Web Client is receiving the > menu sidebar, there are many time the username and password in plain text!
It's worse, of course, when you access your accounts from clients' sites or through other places not under your control. > Resolution: > First: I am not a security expert to tell exactly how to resolve this > problem. May be using encrypted password or some kind of session cokies can > help us. I saw some encrypt libraries in Perl. https I guess. In the short term, use the ssh command (or similar) to connect to a safe box (maybe the server) and process transactions that way. Depending on your setup you might still be able to use a GUI browser such as Mozilla, or you may need to use lynx or links. -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Note: Unsolicited mail delivered to me is deemed to be intended for me, for my disposition. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------- (un)subscribe: http://lists.sourceforge.net/lists/listinfo/sql-ledger-users Archive: http://www.mail-archive.com/[email protected]/
