Liste de diffusion SIMS@stalker.com Message #15507
De: Bill Cole <listbill@scconsult.com>
Sujet: Re: Authentication
Date: Fri, 20 Jul 2007 08:01:14 -0400
A: SIMS Discussions <SIMS@mail.stalker.com>
At 1:16 AM -0400 7/20/07, Paul Galati  imposed structure on a stream of electrons, yielding:
Can someone explain what happened here? 04:49:16 concerns me the most.  He
only got 10 messages or so before I disabled the account.  Did he guess
the username and password?

Yes.

That was not so hard. It looks like your user "dan" is a fool. His password was "1234"

The AUTH LOGIN method is essentially open user ID and password sent in the clear except for base64 encoding to protect them from transport clobbering. SIMS logs the encoded password, and the snippet you included showed it.



--
Bill Cole
bill@scconsult.com

S'abonner aux messages S'abonner aux sommaires S'abonner aux indexes Se désabonner Ecrire un email au responsable de la liste