Today's internet has gone a long way from it's friendly academic and research
roots. In the past one might not worry about sending a password over an
internet connection. Not so today ! It is a trivial exercise to
sniff passwords. To see how this can be done download and install
ethereal
and use POP3 to recieve your email on a remote server. Your username and
password can easily be retrieved by listening "on the wire". Here is a screen
shot of my username and passwordretrieved from an unencrypted Pop3 session.
I have blacked out my password ;-)
Here are a few screen shots of the ethereal installation process on
MS Windows 98(TM).
The ease of installing network sniffing programs is why telnet and other "plain text" protocols are deprecated for logging into remote servers. In recieving mail via POP, the use of the APOP command offers protection for your password, but your username and all your email is easily readable "on the wire". Network sniffing is particularly dangerous on wireless networks as people may be parked outside your building sniffing. The encryption used on most wireless networks can be broken easily.
Modern Cryptography provides a method to prevent anyone from sniffing your POP traffic. The Windows(TM) program Putty allows you to shield your Pop sessions within an encrypted tunnel. Putty can be downloaded from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html. It is distributed free of charge under the MIT license.
|
|
|
|
of your outgoing mailserver. |
putty to save your username |
|
|
In order to run these commands there has to be a running sshd on the target machine and you need to have a valid system account. BE SURE THAT YOU HAVE PERMISSION from YOUR PROVIDER BEFORE you do this. Stringent new laws have been passed in many US states to prevent people from obfuscating the origins of communications. Check your local laws before you do this.
To test your setup ssh tunneling command and
user Putty to telnet localhost 110
if all is working, you will get the pop server banner.
Likewise To test the outgoing (SMTP) connection, use Putty to
telnet to port 25.
To set up outlook express to use your ssh tunnel, first start outlook express,
click on "Tools" then select "Accounts". Remove the unencrypted account and
then click "Add" and select "Mail". The Wizard will start and you can add
your new settings. Everything will be the same until your get to "E-mail
Server Names". There you will enter 127.0.0.1 for your incoming and outgoing
mail servers.
If you are running a local anti-virus mail proxy like Norton Anti-Virus(TM) you will need to edit Norton's Outlook settings to use a higher port on your local box to relay the mail. I have not tested this as i do not have a copy of Norton's to use. While i am capable on Windows (TM) i do 90% of my work on *nix boxes - Sorry Bill ;-).
....and everything fades to white noise....
Marina
This Page is © Marina Brown - All Rights Reserved, Windows, Putty are Copyright and or Trademarked by their respective owners.