Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: Transmitting Sensitive Information between Servers
From: Chris Benedict <chrisbdaemon () gmail com>
Date: Mon, 8 Sep 2008 16:21:04 -0500
You should never transmit username and/or password in clear over any kind of network connection because it can be sniffed.
If you have to transmit the data then you should use some kind of encryption like SSL or IPSec. 

On Sep 8, 2008, at 11:48 AM, Basha, Arif wrote:



We have a policy to not pass user name/password, etc in clear between
servers within our DMZ.  Is this being too pedantic?

I would be interested to hear how others have this implemented?

Thanks.
Arif

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]