
Re: Linux Network Security: POP



On Sun, Mar 18, 2001 at 03:38:36PM +0100, William Leese wrote:
> Having a cable modem I'm concerned with the fact that when I use email my 
> password is sent in clear text over the network. I've heard that there were 

as you should be, cable modems generally are equivalent to large
unswitched lans, which means any bozo with a cable modem can set their
machine to promiscuous mode and see every packet sent by any cable
modem user.  (at least for that segment) 

> other services that could be used instead of POP but I'm not sure if that can 
> be used here if my provider doesn't support it.

imap over ssl maybe.. 

> For my email I use my provider's POP server. For sending email I also use 
> their server. Though in the past I used sendmail, can someone tell me the 
> advantages of using one over the other?

if you have a static ip and your connection is actually stable you
could just run your own mailserver and have mail delivered directly to
it.  that way you don't need pop3 or imap.  no passwords sent anywhere
that way.  you still need to use GnuPG to encrypt any mail you don't
want everyone seeing but you should do that regardless of your network
connection.  

> Also, is there any way I can encrypt the passwords being sent without the 
> provider taking any needed steps to enable me to do so?

only if you have a shell account on their pop3 server via ssh, then
you can tunnel the pop3 connection over ssh.  if you have a shell
account on any of their machines that would probably still be an
improvement since you would get the connection encrypted at least into
their hopefully switched and secure lan and off the insecure cable
modem network.  

unfortunately there seems to be a law saying all ISPs must suck, and
thus shell access is an endangered species.  along with static ips,
reliability, security, etc etc....

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgp2WJbKFRDuu.pgp
Description: PGP signature
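
The SSH tunnel suggested in the reply above, sketched as an added example that is not part of the original message. The login, the host names and the local port 1110 are assumptions chosen for illustration; `cleartext_leg` is a hypothetical helper that reports which hop still carries the POP3 password unencrypted, depending on whether the shell account is on the POP3 server itself or on another of the provider's machines.

```shell
#!/bin/sh
# Added example: forward a loopback port to the provider's POP3 port over SSH.
# Host names, the login and LOCAL_PORT are placeholders (assumptions).

LOCAL_PORT=1110   # unprivileged local port the mail client will connect to
POP3_PORT=110     # standard POP3 port on the server side

# Print the ssh command line for the tunnel.
#   $1 = user@shellhost  (machine you have a shell account on)
#   $2 = POP3 host as seen from that machine (default: localhost)
pop3_tunnel_cmd() {
    login=$1
    pophost=${2:-localhost}
    case $login in
        *@*) ;;
        *) echo "usage: user@shellhost [pop3host]" >&2; return 2 ;;
    esac
    # -N: no remote command; -f: go to background after authentication
    # ExitOnForwardFailure: abort rather than run without the forward
    # 127.0.0.1: bind the listener to loopback so other hosts cannot use it
    printf 'ssh -f -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:%s:%s %s\n' \
        "$LOCAL_PORT" "$pophost" "$POP3_PORT" "$login"
}

# Report which network hop still carries POP3 in the clear.
#   $1 = POP3 host as seen from the shell host
cleartext_leg() {
    case ${1:-localhost} in
        localhost|127.0.0.1) echo "none" ;;   # shell account is on the POP3 server
        *) echo "shellhost->$1" ;;            # last hop inside the provider's LAN
    esac
}

# Run only when called with arguments, e.g.:
#   sh pop3-tunnel.sh me@shell.example.net pop.example.net
if [ "$#" -ge 1 ]; then
    cmd=$(pop3_tunnel_cmd "$@") || exit 2
    echo "running: $cmd"
    echo "cleartext leg: $(cleartext_leg "$2")"
    $cmd && echo "point the mail client at 127.0.0.1:$LOCAL_PORT"
fi
```

The mail client's POP3 server setting then becomes 127.0.0.1 with port 1110, and the password only leaves the machine inside the SSH session.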