Re: Is mutt secure enough?
On Fri, 20 Feb 2004, jacob[at]buildtheb0x.com wrote:
> If you are in fact using imaps:// (ssl), then all your communication with the
> server is encrypted and secure. The ssl should establish this secure
> connection before any actuall data is passed. If you are truly paranoid, it
> might be fun to check it out for yourself:
>
> # tcpdump -Xvni eth0 host domain.com and port 993 | grep password
Great, thanks! It could not catch the password! OT, but I couldn't find
what the "n" in the tcpdump options does, mind telling a bit?
> If for some reason your password does show up, maybe you should set the
> password in your .muttrc (but i really don't think it would). I am assuming
> that your question is do to the fact that you are passing the username and
> password in the imaps:// url.
This might be a good idea since I'm the only one using this puter, and
your assumtion was correct, sorry if I caused any confusion. Actually I
have a bash script that runs the whole command ... I have 3 scripts, one
for each account. Now, I'm relaxed knowing that the isp guys or anyone in
the middle can't get the password so easily.
Regards,
Deboo
--
-----------------------------------------
Pin all your hopes in God,
then you will not be pinned down by man.
-----------------------------------------