Snort mailing list archives

password sniffingj

From: Tracy R Reed <treed () ultraviolet org>
Date: Fri, 17 Aug 2001 01:57:52 -0700

Are there snort rules which will detect passwords being sent in cleartext?
I am interested in catching any passwords being sent in the clear in a
number of protocols (http, pop, imap, etc). It is against corporate policy
to send passswords in the clear but we have no way of knowing whether a
developer has done something silly like set up non-ssl http authentication
on some web server somewhere. I suppose I could run linsniff but it would
be nice to have something integrated with snort that supported more
protocols.

-- 
Tracy Reed      http://www.ultraviolet.org
"Every artist is a cannibal, every poet is a thief.
 They all kill their inspiration, and sing about the grief." - U2

Attachment: _bin
Description:

Current thread:

password sniffingj Tracy R Reed (Aug 17)
- Re: password sniffingj Pär Thoren (Aug 17)
- <Possible follow-ups>
- FW: password sniffingj Sutton, Andrew (Aug 17)
- RE: password sniffingj Dell, Jeffrey (Aug 17)
  - Re: password sniffingj Michael Boman (Aug 17)
- Re: FW: password sniffingj Neil Dickey (Aug 17)