Nick Lidakis said: > Can someone point me to any HOWTO's for basic wireless security. I use my > laptop on some of the public WAP's in New York City. > I would like to be able to download my email without compromising my POP > mail password. I understand that with the proper software these can be > snatched up by people listening nearby. > > I am currently using Mozilla Mail as my client, but hope to swith to Mutt > in the future.
your best bets: 1) use POP3 over SSL (my preferred method) 2) use some other form of auth (APOP? MD5? never tried any of these myself) 3) establish a VPN to the network that has the POP server 4) use a webmail client which is secured with SSL 5) tunnel POP3 over SSH to the remote system many mail hosts do not provide any of the above, in which case you may be SOL. keep in mind that even without wireless, just doing POP over the internet your still exposed to having your password sniffed. This isn't as bad as "Wifi" but if your connecting to a remote network it isn't good if you value having your password secured. there was a recent SSL hoopla about being able to sniff SSL/IMAP and probably SSL/POP sessions as well but it's not easy to exploit and, at least for openssl users it's pretty easy to "fix". Though I haven't noticed an openssl for debian woody yet. I'm in no hurry myself. nate -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
