LISTSERV - HP3000-L Archives

HP3000-L Archives

February 1996, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L February 1996, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	NS/VT :HELLO passwords sent in clear text?
From:	Alan AMBERS <[log in to unmask]>
Reply To:	Alan AMBERS <[log in to unmask]>
Date:	Wed, 7 Feb 1996 10:18:00 +0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (32 lines)

I am 99% sure that NS/VT WILL NOT encrypt the passwords.  This is also
true for any DTC traffic.
 
/alan
 
Alan Ambers  email [log in to unmask]
 
 
> In talking about network security here, we wondered if HP 3000 logons
over a
> network via NS/VT transmitted the passwords typed by the user in
unsecure,
> sniffable clear text similar to the way telnet does it.
>
> I advised taking the paranoid position of assuming clear text.  But
then I
> wondered, maybe NS/VT is smart enough to recognize that display echo
has
> been turned off and that a password is being requested (i.e. "ENTER
USER
> PASSWORD:", not HELLO FOO/PASS.BAR), and so perhaps it might perform
some
> encryption.  Yes?  No?
> --
> Mark Bixby                      E-mail: [log in to unmask]
> Coast Community College Dist.   Web: http://www.cccd.edu/~markb/
> District Information Services   1370 Adams Ave., Costa Mesa, CA, USA
92626-5429
> Technical Support               +1 714 432-5865 x7064
> "You can tune a file system, but you can't tune a fish." - tunefs(1M)
>

ATOM RSS1 RSS2

RAVEN.UTC.EDU