search for: mitm

Displaying 20 results from an estimated 204 matches for "mitm".

Did you mean: mit
2017 Aug 21
6
pop 110/995, imap 143/993 ?
If I read this correctly, starttls will fail due to the MITM attack. That is the client knows security has been compromised. Using SSL/TLS, the MITM can use SSL stripping. Since most Postifx conf use "may" for security, the message would go though unencrypted. Correct??? Is there something to enable for perfect forward security with starttls? ?...
2015 Aug 22
4
[security] Thunderbird vulnerable to MITM
Thunderbird has a MITM vulnerability with its otherwise rather groovy auto-configuration feature. The problem is that it makes requests via HTTP to retrieve the auto configuration information. This allows a black hat (e.g. the NSA) to modify the results sent to the client, and the client has no way to verify the res...
2017 Aug 22
0
pop 110/995, imap 143/993 ?
>> Lest anyone think STARTTLS MITM doesn't happen, >> >> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ Right, the attack does happen, but it can be prevented by properly configuring the server and client. >> Not only for security, I prefer port 993/995 as it's...
2017 Aug 21
2
pop 110/995, imap 143/993 ?
Lest anyone think STARTTLS MITM doesn't happen, https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ Not only for security, I prefer port 993/995 as it's just plain simpler to initiate SSL from the get-go rather than to do some handshaking that gets you to the same point. Joseph...
2015 Aug 23
0
[security] Thunderbird vulnerable to MITM
On Sat, 2015-08-22 at 08:05 -0700, Alice Wonder wrote: > Thunderbird has a MITM vulnerability with its otherwise rather groovy > auto-configuration feature. > https://librelamp.com/FooBird#security > > has what I think would be the easiest solution while keeping the > ability to auto-configure stuff. As for LibreSSL et al, perhaps you could mention all your...
2015 Aug 24
0
[security] Thunderbird vulnerable to MITM
Hello, On Sat, 2015-08-22 at 08:05 -0700, Alice Wonder wrote: > Thunderbird has a MITM vulnerability with its otherwise rather groovy > auto-configuration feature. > > The problem is that it makes requests via HTTP to retrieve the auto > configuration information. > > This allows a black hat (e.g. the NSA) to modify the results sent to the > client, and the...
2009 Nov 06
0
SSL vulnerability and SSH
Hi, This is just a quick note to state that the recently reported SSL/TLS MITM attack[1] *does not* affect SSH. Like SSL/TLS, SSH supports key and parameter renegotiation, but it is not vulnerable because a session identifier is carried over from the first key exchange into all subsequent key exchanges. Technical details: In SSL, key exchanges and subsequent renegotiations...
2017 Aug 22
1
pop 110/995, imap 143/993 ?
...it says LOGINDISABLED unless you >> have enabled something like cram-md5. > > Hi, > > exactly, this is the reason, why plain-text is still needed. You don't need > encryption for authentication, if you have secure authentication. Without > knowing original password, the MITM cannot generate correct hash for login, so > the connection can be plain-text. You don't need plaintext to use CRAM-MD5: there's no problem have *both* CRAM-MD5 and SSL (it's overkill, but works). And mail data is worth protecting too. > Of cource, if you then download your ema...
2014 Dec 06
1
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
...lity message, then the client will probably send its password login attempt in plaintext, without even trying to establish a STARTTLS session, because the server seemed to be incapable of STARTTLS. So you might need to teach your users to enforce STARTTLS in their email client in order to mitigate MITM attacks. Regards Daniel
2020 May 31
3
identify 143 vs 993 clients
...S if available" option or if the users explicitly don't pick that option (you can ask them not to in your setup instructions) then that type of downgrade attack cannot occur. The other possible downgrade attack which was not mentioned but is equally mitigated by the client is where the MITM intercepts the connection, connects to your server and issues a STARTTLS itself but presents the resulting connection as plain text to the client. This means that enforcing STARTTLS on the server side will not prevent a plain text connection through a MITM from the client. But do keep in min...
2015 Aug 23
2
[security] Thunderbird vulnerable to MITM
On 08/23/2015 07:25 AM, Always Learning wrote: > > On Sat, 2015-08-22 at 08:05 -0700, Alice Wonder wrote: > >> Thunderbird has a MITM vulnerability with its otherwise rather groovy >> auto-configuration feature. > >> https://librelamp.com/FooBird#security >> >> has what I think would be the easiest solution while keeping the >> ability to auto-configure stuff. > > As for LibreSSL et al, perh...
2015 Aug 23
0
[security] Thunderbird vulnerable to MITM
On Sun, 2015-08-23 at 07:57 -0700, Alice Wonder wrote: > I stopped using Fedora because as soon as it was stable it was end of > life and I was forced to install a new bleeding edge unstable version. I am 'conservative' too. Once something is working well I do not wish to change it unless there is a compelling conspicuous advantage. > I do not like bleeding edge for most
2011 Mar 07
1
STARTTLS MITM in Postfix
http://marc.info/?l=postfix-users&m=129952854117623&w=2 Dovecot doesn't have this bug. It discards all buffered data when STARTTLS command runs. (Why do I think I've heard about this bug before? Or at least the same type of way to exploit it? Maybe there was another similarly exploitable bug.)
2012 Jun 22
2
SIP over SSL TCP or SRTP?
Hello, Which one of these ensures that SIP packets are sent and received in a secure format so that users using public wifi don't allow MITM type of attacks or others can't read the plaintext SIP packet info. VPN is not an option. Looking for 2nd most secure to VPN. P.S. Are both options part of the configs of Asterisk or need modules to be selected and installed before doing the configs? Thanks, -------------- next part ---------...
2020 Aug 27
3
accessing foreign AD users to NT domain
Rowland penny via samba ha scritto il 27/08/20 alle 15:49: > On 27/08/2020 14:19, Piviul via samba wrote: >> >>> >>> Microsoft is enforcing more securitybut it's Microsoft that develop >>> NetBIOS and LLMNR and if it's enforcing >> security should enforce these protocols or remove them from their OS >> isn't it? > > Microsoft
2020 Aug 28
3
accessing foreign AD users to NT domain
...a scritto il 27/08/20 alle 16:43: > [...] > Netbios is intrinsically tied to SMBv1 and? LLMNR (Link-Local Multicast > Name Resolution) is also connected in a way, it allows name resolutions > without a nameserver. So, if you are using it, I personally wouldn't, > ever heard of MITM ? Just to understand a little more... NetBIOS with a wins server configured is not prone to the MiTM attack, isn't it? Piviul
2017 Aug 15
2
How does SMB 3.0 encryption work?
It does, thanks. So if the password is known, or the KDC compromised, then in principle MITM becomes possible? On 2017-08-14 15:28, Andrew Bartlett wrote: > On Mon, 2017-08-14 at 06:45 -0400, Daniel Benoy via samba wrote: >> Is it perhaps using your password somehow? Like, if an attacker knew >> the >> password that the client is using to connect, would it then be ab...
2004 Aug 06
1
a new directory service
> My fear is the exploit-s'kiddie problem. Are there common exploits for man-in-the-middle? I've never seen one. I've seen rootkits, crackers, DoS tools, etc. But never anything as sophisticated as mitm. > I see no reason why anyone would constantly scan huge netblocks of cable > modem users, looking for the occasional target to haX0r. But that doesn't > stop the people who do. This is different from mitm. Scanning and trying rootkits is trivial. mitm is not. It's a differen...
2004 Mar 01
1
GSSAPI support in 3.8 ?
Hi All, >From Changelog with 3.8: "The experimental "gssapi" support has been replaced with the "gssapi-with-mic" to fix possible MITM attacks.The two versions are not compatible." I am using OpenSSH-3.6 with Simon's patch and OpenSSH-3.7 built with GSSAPI support. The latest version OpenSSH-3.8 is not working with 3.6 or 3.7 with GSSAPI authentication. I have seen this in changelog, but my question is, can anybody expla...
2000 Nov 04
0
Authentication scheme
...ver that makes an outgoing connection, the server is the one that accepts an incoming connection. This scheme is very similar to what SSH (secure shell) uses. However, a man in the middle could relay all messages between the client and the server up to the exchange of the metakeys. After that, the mitm breaks the connection with the real client, and sends his own metakey. After that, the mitm can receive messages from the server. It cannot send any messages though, because the mitm cannot decrypt the symmetric cipher key that has been sent to it. As a result, the mitm cannot send or receive any n...