> In <[log in to unmask]>
[log in to unmask]
> writes:
>
> > > How can I protect the MANAGER.SYS Password from being sniffed,
when I > run
> > a
> > session from an NT 4.0 Workstation using Reflection 1 and VT-MGR ?
>
> You can't. They're sent in plain text. That's been an open issue for a
> long time, and likely won't be changed soon.
>
> You might look into a third party security package; there are several
> available that support one-time passwords using crypto cards and the
like.
> You can find them listed on the vendor/product directory on www.3k.com
-
> check under "S" for security.
>
> -Chris Bartram
>
As the other posting on breaking of DES keys shows, one-time keys are
the only way to go if you want security over a public network.
However, you can reduce sniffing on your LAN by proper network layout,
switches, anti-eavesdrop hubs (like HP's - if you buy the snmp modules),
and protection of the wire (use fiber!).
Richard Gambrell