From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jim Choate <ravage@einstein.ssz.com>
To: <9fans@cse.psu.edu>
Subject: Re: [9fans] Re: NAT'ing a drawterm connection
In-Reply-To: <3F4A33C3.8030003@proweb.co.uk>
Message-ID: <Pine.LNX.4.33.0308251237270.1975-100000@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Date: Mon, 25 Aug 2003 12:37:37 -0500
Topicbox-Message-UUID: 21a94340-eacc-11e9-9e20-41e7f4b1d025


Go pick a fight with somebody else.


 -- --
      ravage@ssz.com                            jchoate@open-forge.com
      www.ssz.com                               www.open-forge.com


On Mon, 25 Aug 2003, matt wrote:

> >
> >
> >>a simple sniff can copy your key strokes ...
> >>the auth is secure but the connection is cleartext.  type away.
> >>
>
> Jim wrote :
>
> >Yes, that is absolutely true. And we are well aware of it (sniffers are a
> >regular tool for us, snoopy needs work!)
> >
>
> Russ wrote :
>
>  > No, the connection is SSL encrypted using the key established by the
> auth.
>
>
>
> This leaves me puzzled. Jim says it is cleartext and that H18 used
> snoopy to verify their claims.
>
> Does that mean that there is a faulty version of drawterm going around
> or is someone talking out of their 10 gallon hat?
>
> m
>