At 19:20 07/09/2004 -0300, Andre Garzia wrote:
On Sep 7, 2004, at 6:58 PM, Alejandro Tejada wrote:
Could anyone (intentionaly) sniff the password used to connect to a ftp server?
I don't think so. Unless someone launch a bogus server and force a user to log in.
Yes, they can sniff passwords. Standard FTP (rfc959) sends passwords in cleartext, so anyone with physical access to the network, and suitable packet-capture hardware can easily sniff the password.
See rfc 2577 for various other things that will scare you about using ftp :-)
-- Alex.
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
