[Cvsnt] Making Progress, not there yet (was Installing CVSNT and Connecti ng from Clients)

Brian Smith brian-l-smith at uiowa.edu
Fri Apr 19 22:14:34 BST 2002


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


Besides that, pserver connections are easy to spoof since they don't
have any defense against replay detection or tampering. The same applies
to SSPI and :gserver: unless you use -a or -x

Tony Hoyle wrote:
> Anthony Williams wrote:
>
>> Understandable, though I think SSPI helps here (But maybe only for
>> win2k->win2k as NTLMv1 used by win9x is insecure?)
>
>
> Not half as insecure as pserver is....  plus you can encrypt SSPI which
> helps a lot.
>
> Sending passwords over pserver is roughly equivalent to sending them
> plaintext - the
> encryption is trivial.
>
> Tony
>
>
> _______________________________________________
> Cvsnt mailing list
> Cvsnt at cvsnt.org
> http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt https://www.march-hare.com/cvspro/en.asp#downcvs

_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt https://www.march-hare.com/cvspro/en.asp#downcvs



More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook