Computers| Computers |
|
08-28-2006, 12:54 PM
| #1 (permalink) |
| Dope Tech Join Date: Jan 2004
Posts: 3,660
   |  Look At All Of These Passwords! Look At All Of These Passwords! Posted 8/21/2006 by SecurityMonkey (Information Security Investigator) If you use any number of popular web forums or even some commercial services like classmates.com, amazon.com, netzero.com or your provider's webmail service, you may not be aware that you're sending your credentials over the internet in the clear. Some sites appear to secure your credentials, but they really don't. Some offer SSL sign-ins, but don't make them the default. Others don't even make an attempt to use proper SSL encryption or any attempt to obscure the credentials. Remember the wall of sheep from DefCon? All of those people that kept logging into net resources assuming that nobody was listening? They were wrong! Let's look at a couple of great examples of sites that have really awful security design, and see exactly how easy it is to steal credentials if you have access to the wire. These were obtained using nothing more than a linux laptop, a cable modem, ettercap (running ARP spoof and MiM gateway) and a bit of coffee. **follow link for the rest
__________________ Tech IMO.com | ExtremeTech.com | ASP Free.com | SysOpt.com | Tech Support Guy.org DB Forums.com | Cyber Tech Help.com | Lazy Forums.com | Warrior Nation.net 'If you don't stand for somethin you'll fall for anything' - Dr. Dre Been there, done that |
|  |
Linear Mode
