Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

comp.os.netware.security FAQ
Section - 1.03 - Can a packet-sniffer capture passwords?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Airports ]


Top Document: comp.os.netware.security FAQ
Previous Document: 1.02 - Is the execute-only flag secure?
Next Document: 1.04 - Can the server be infected with a computer virus?
See reader questions & answers on this topic! - Help others by sharing your knowledge

    Since Novell NetWare 3, passwords are sent to the server encrypted
    using a hashing function. The three password functions (Login,
    Change password, Verify password) have a pretty secure protocol,
    such that the information gathered by packet sniffers cannot be
    used to reconstruct the event or determine the password.

    Some very old software use the NetWare 2 unencrypted password calls.
    These can be captured and used, since these passwords are sent in
    plaintext.

    Packet sniffers can capture just about all other information that
    is transmitted on the LAN. This includes telnet/ftp passwords, etc.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: comp.os.netware.security FAQ
Previous Document: 1.02 - Is the execute-only flag secure?
Next Document: 1.04 - Can the server be infected with a computer virus?

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
F.U.Mirza@sheffield.ac.uk (Fauzan Mirza)





Last Update March 27 2014 @ 02:11 PM