[cvsnt] SSPI Protocol security
Tony Hoyle
tmh at nodomain.org
Fri Mar 7 10:43:48 GMT 2003
On Fri, 7 Mar 2003 09:33:19 -0000, "Thomas Muller" <ttm at online.no> wrote:
>Hi,
>
>Apardon my ignorance regarding the different protocols and CVS in general,
>but documentation is a bit scarce with respect to secruity implications
>excpect for the pserver protocol which is considered highly unsecure.
>
>How secure is SSPI? Is it just used for authentication and after that the
>actual transmission of commands and file contents is open?
>
It's a secure as MS wrote it... Basically SSPI from a Win9x machine is about
as secure as pserver (NTLMv1 is trivially crackable). Between NT machines
though it's pretty secure.
If you enable encryption then all the traffic is encrypted, although there's
little documentation about what encryption is used so I couldn't say how
secure it is - I guess it's pretty secure as I've never heard of anyone
cracking it.
Tony
More information about the cvsnt
mailing list