Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Guest wireless restrictions
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Tue, 30 Apr 2013 14:59:47 -0400

On Tue, 30 Apr 2013 12:26:47 -0400, Derek Diget said:

What are you going to do for sites that offer with IMAP on 143 with
LOGINDISABLED and STARTTLS?  It isn't any less "secure" than IMAP on 993
with SSL

Does anybody significant actually do this?  I haven't seen anybody doing
IMAP on 143 in ages - everybody sane is on 993.

How do you tell the difference with a message submission over 587 that
does not require STARTTLS before any SMTP AUTH and one that does?

Ditto. It's been ages since I saw anything that didn't require STARTTLS first.

And it's 2013 - certainly time to name-and-shame people who *still* can't
get this basic security stuff right.

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]