[Cvsnt] Permissions for changing files in module
Brian Smith
brian-l-smith at uiowa.edu
Wed Feb 20 18:45:42 GMT 2002
Tony Hoyle wrote:
> On Wed, 20 Feb 2002 09:53:45 +0000 (UTC), "Koen" <no at ssppaamm.com>
> wrote:
>
> If you're that bothered about security then pserver is the *worst*
> protocol to choose as the passwords are trivially decrypted. Kerberos
> or SSH are needed for that level of security. sspi is a good middle
> ground - you can in theory crack the NT passwords (they're MD5'd I
> believe) but it would take a couple of weeks on a fast machine
> provided you don't use passwords that aren't susceptible to a
> dictionary attack.
Tony, do NTSERVER & SSPI modes really send a hashed version of the password?
Thanks,
Brian
_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
More information about the cvsnt
mailing list