Re: Secure basic authentication. Is it possible?

From: Duane Wessels <wessels@dont-contact.us>
Date: Fri, 21 May 2004 10:36:42 -0600 (MDT)

On Fri, 21 May 2004, [koi8-r] "Slivarez ![koi8-r] " wrote:

> Hi, ALL.
>
> I'm using squid-2.5.STABLE5+basic_auth(ncsa_auth). BUT simply
> Sniffer can get USERID and PASSWORD from tcp packets. Is there any
> possibility to make basic authentication more secure?

Basic authentication is fundamentally insecure. If you need to secure
it, then you would have to use a technique like SSL port-forwarding or
IPsec encryption.

Duane W.
Received on Fri May 21 2004 - 10:36:42 MDT

This archive was generated by hypermail pre-2.1.9 : Mon May 31 2004 - 12:00:02 MDT