What POP3-hack is this?

Henrik · August 31, 2007, 10:36am

http://in.news.yahoo.com/070830/48/6k50t.html

What kind of POP3-hack is this a matter about, and is InterWorx vulnerable?

Thanks.

system · September 6, 2007, 9:41pm

Look at it this way, no server is secure. None. Ziltch. The web is an enemy! The best you can do is try to protect it and make it less of a target… It’s the same as cars, all can be broken into - but one with an alarm is less of a target.

Always update your server with recent versions and you should be fine.

Henrik · September 6, 2007, 11:26pm

That could be said about anything, but I appreciate your concern.

According to what I’ve read (especially on the swedish side of the web) the person that discovered this security hole got access to the information through a man in the middle approach. I’m not sure how that would explain anything, but that’s at least one piece of the puzzle.

It would be interesting to see which platform this is regarding, and the methodology used.

system · September 7, 2007, 1:18am

Man in the middle attacks are difficult to prevent. It’s an issue that DNS is suffering, such as DNS poisoning.

Henrik · September 10, 2007, 4:09am

It is clear now what it was, just as many has been speculating about on various forums it was Dan who used Tor to listen in on all traffic that went through a Tor-node that he set up for this purpose. (according to http://www.idg.se/2.1085/1.119956 )

One can ask why various Fortune 500 business / governments etc are using Tor and in an un-encrypted mode to add to that.