4. Protocols
4.1 What protocols are vulnerable to sniffing?
- Following is a sampling of typical protocols that are sniffed,
especially for passwords.
Telnet and rlogin
- Sniffing can capture the keystrokes as the user types them,
including the user name and password. A long time ago I wrote
a commercial product that would capture all the text and dump
it to a terminal emulator, which reconstructed exactly what
the end-user was seeing. This basically produced a real-time
viewer of the remote user's screen.
HTTP
- The default version of HTTP has numerous holes. Many web
sites use "Basic" authentication, which sends passwords
across the wire in plain-text. Many web sites use another
technique which prompts the user for a username and password,
which are also sent across the network in plain-text. Data
is sent in clear-text as well.
SNMP
- Almost all SNMP traffic is SNMPv1, which has no good security.
SNMP passwords (called community-strings) are sent across
the wire in the clear.
NNTP
- Passwords sent in the clear.
Data sent in the clear.
POP
- Passwords sent in the clear.
Data sent in the clear.
FTP
- Passwords sent in the clear.
Data sent in the clear.
IMAP
- Passwords sent in the clear.
Data sent in the clear.
Note that all of these systems have secure alternatives. When
entering things like credit card information, most web sites
use SSL encryption rather than normal HTTP. Similarly, S/MIME
and PGP can encrypt e-mail at a level higher than e-mail protocols
like POP/IMAP/SMTP.
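
To find which services on your own network still expose logins this way, a capture can be audited for the cleartext login commands listed above. The following is an added example, not code from this FAQ. It assumes default server ports and one client payload per tuple, uses constructed sample data, and leaves out Telnet (keystroke-by-keystroke) and SNMP (binary encoding). Passwords are detected but never reported.

```python
import base64
import re

# Per-port patterns for the moment a password crosses the wire unencrypted.
RULES = {
    21:  ("FTP",  re.compile(rb"^PASS \S+", re.I | re.M)),
    110: ("POP",  re.compile(rb"^PASS \S+", re.I | re.M)),
    119: ("NNTP", re.compile(rb"^AUTHINFO PASS \S+", re.I | re.M)),
    143: ("IMAP", re.compile(rb"^\S+ LOGIN \S+ \S+", re.I | re.M)),
    80:  ("HTTP", re.compile(rb"^Authorization: Basic ([A-Za-z0-9+/=]+)", re.I | re.M)),
}

def audit(packets):
    """Return (protocol, username or None) per payload carrying a cleartext password.

    The password itself is never returned, so the report is safe to share.
    """
    findings = []
    for port, payload in packets:
        proto, pattern = RULES.get(port, (None, None))
        match = pattern.search(payload) if pattern else None
        if not match:
            continue
        user = None
        if proto == "HTTP":
            # "Basic" is base64("user:password"): an encoding, not encryption.
            try:
                decoded = base64.b64decode(match.group(1), validate=True)
            except ValueError:
                continue  # malformed header, nothing recoverable
            user = decoded.split(b":", 1)[0].decode("latin-1")
        findings.append((proto, user))
    return findings

# Constructed sample: (server port, client payload). Not real traffic.
BASIC = base64.b64encode(b"alice:hunter2")
SAMPLE = [
    (21,  b"USER alice\r\n"),
    (21,  b"PASS hunter2\r\n"),
    (110, b"PASS hunter2\r\n"),
    (119, b"AUTHINFO PASS hunter2\r\n"),
    (143, b"a001 LOGIN alice hunter2\r\n"),
    (80,  b"GET /admin HTTP/1.0\r\nAuthorization: Basic " + BASIC + b"\r\n\r\n"),
    (80,  b"GET /index.html HTTP/1.0\r\n\r\n"),
    (443, b"\x16\x03\x01\x00\x2e"),  # start of a TLS record: opaque to the audit
]

if __name__ == "__main__":
    for proto, user in audit(SAMPLE):
        print(f"{proto}: cleartext password observed (user={user or 'n/a'})")
```

Each protocol that shows up in the output is a candidate for replacement with one of the secure alternatives mentioned above.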