Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / First Aid / June 2005

Tip: Looking for answers? Try searching our database.

Encrypted NNTP ???

Thread view: 
Enable EMail AlertsStart New Thread
Jammin Jay - 31 May 2005 21:15 GMT
I was wondering if any one know if Comcast allows for encrypted communications
from Outlook express to these news servers.
I just ran a sniffer on my internal network and captured the traffic between my
pc and the Giga news server when I updated the headers...  Not to my surprise I
saw that when OE was connecting to Giganews, the main user account and password
were sent out on the wire as clear text..
I discovered this was also happening with outlook when I checked for email but I
was able to enable SSL for the email sessions.  I would like to do the same for
these news servers..

J
Reply to this Message
Jammin Jay - 31 May 2005 21:17 GMT
Sorry, wrong Thread.

My Bad...

J

>I was wondering if any one know if Comcast allows for encrypted communications
>from Outlook express to these news servers.
[quoted text clipped - 7 lines]
>
> J
Reply to this Message
Ewald Horn - 31 May 2005 21:52 GMT
Interesting. My ISP does not require a username or password to access the
newsgroups unless you are not on their network.

Still worrying enough to warrant investigation. I had the same worry when I
first found out my bank card's PIN is stored on the card itself and that
anyone with a card reader and some time can extract it with little effort.
Scary world we live in.

On the topic of security : Does anyone have any good experiences with
obfuscating some JAVA classes? I'm worried about local competitors because
our courts don't really care about software copyright that much and I have
to take some steps to prevent copying of my app becoming a walk in the park
procedure.

Regards

--
Ewald Horn
Business Manager
NoFuss Solutions
South Africa / Suid Afrika
Tel : +27 (0)83 305 3556
Web : http://www.nofusspos.com
Email / E-pos : ewald@nofusspos.com
Reply to this Message
Glenn Reynolds - 01 Jun 2005 11:16 GMT
Ewald

I tried retroguard, and that works fine on your own code. If you use
third-party libraries bundled with your JAR, this may become complicated.
Retroguard takes a JAR input, creates a JAR output.

rgds

Glenn

> Interesting. My ISP does not require a username or password to access the
> newsgroups unless you are not on their network.
[quoted text clipped - 20 lines]
> Web : http://www.nofusspos.com
> Email / E-pos : ewald@nofusspos.com
Reply to this Message
Ewald Horn - 01 Jun 2005 14:07 GMT
> Ewald
>
[quoted text clipped - 5 lines]
>
> Glenn

Thanks, it does get a little complicated with the libraries but nothing I
can't handle.

Regards

--
Ewald Horn
Business Manager
NoFuss Solutions
South Africa / Suid Afrika
Tel : +27 (0)83 305 3556
Web : http://www.nofusspos.com
Email / E-pos : ewald@nofusspos.com
Reply to this Message
Robert Maas, see http://tinyurl.com/uh3t - 11 Jun 2005 06:20 GMT
> From: "Ewald Horn" <info@nofusspos.com>
> Does anyone have any good experiences with obfuscating some JAVA
> classes? I'm worried about local competitors because our courts don't
> really care about software copyright that much and I have to take some
> steps to prevent copying of my app becoming a walk in the park
> procedure.

If you put your best software in an applet so that anybody on the net
can download it any time they want, you're a stupid fool and don't
deserve anybody's help.

If you keep your best software on the server, making it usable by
others via HTTP(JSP/Servlet/EJB) or RMI, but all that any remote user
can see is the interface and its i/o behaviour, not the
implementation, then what is the problem? Does your ISP lack proper
security or what? Or are you running the server on your own personal
Micro$uck Losedows system which is plagued with worm/trojan problems
from InterShit Exploiter etc. and you can't afford a firewall as a
separate box to protect your crappy server?
Reply to this Message
Jan Peter Stotz - 01 Jun 2005 10:14 GMT
Jammin Jay schrieb:

> I just ran a sniffer on my internal network and captured the traffic between my
> pc and the Giga news server when I updated the headers...  Not to my surprise I
[quoted text clipped - 3 lines]
> was able to enable SSL for the email sessions.  I would like to do the same for
> these news servers..

If the newsserver and your client support NNTP over SSL (snntp or nntps)
you can use it. The default port is 563 for nntps instead of 119 for nntp.

Jan
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.