From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <3F4A33C3.8030003@proweb.co.uk>
From: matt <matt@proweb.co.uk>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3) Gecko/20030425
MIME-Version: 1.0
To: 9fans@cse.psu.edu
Subject: Re: [9fans] Re: NAT'ing a drawterm connection
References: <Pine.LNX.4.33.0308250804370.1975-100000@einstein.ssz.com>
In-Reply-To: <Pine.LNX.4.33.0308250804370.1975-100000@einstein.ssz.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Date: Mon, 25 Aug 2003 17:05:23 +0100
Topicbox-Message-UUID: 219dd456-eacc-11e9-9e20-41e7f4b1d025

>
>
>>a simple sniff can copy your key strokes ...
>>the auth is secure but the connection is cleartext.  type away.
>>

Jim wrote :

>Yes, that is absolutely true. And we are well aware of it (sniffers are a
>regular tool for us, snoopy needs work!)
>

Russ wrote :

 > No, the connection is SSL encrypted using the key established by the
auth.



This leaves me puzzled. Jim says it is cleartext and that H18 used
snoopy to verify their claims.

Does that mean that there is a faulty version of drawterm going around
or is someone talking out of their 10 gallon hat?

m