[BlueOnyx:03321] Re: Suggestions for trashed filesystem?
Steve Howes
steve-lists at geekinter.net
Tue Jan 12 08:56:32 -05 2010
On 12 Jan 2010, at 13:42, Chris Gebhardt - VIRTBIZ Internet wrote:
> Steve Howes wrote:
>> Leave tcpdump running for a while. Anyone not using SSL will tell you
>> their passwords soon enough...
> Interesting, Steve! What is your recipe for weeding out the
> passwords?
> On a box with even a modicum of traffic, I think I'd have some issues
> with that.
Pick a protocol (POP3/IMAP would be my choice), then tcpdump just
that. Nuke any packets without 'user' or 'pass' in (or IMAP
equivalent) and you should get something useful. You may well have
issues with it (i.e. its a lot of work) but if its that or get a few
hundred customers to reconfigure their mail clients - it might well be
worth it....
Steve
More information about the Blueonyx
mailing list