Declan Caulfield wrote: > However, this offers just a little more security, as if you sniff the admin > password and use it to log in to the admin pages via HTTP:81 a would be > hacker can change both the root and admin passwords using the Administrator > button.
Why would you or anyone send your password in clear text when all you have to do is self-issue a cert to get 128-bit ssl protection? > Rule of thumb, change your admin password regularly. Rule of thumb, don't use http; use a secure cert (even a self-signed one) and https. Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net P. O. Box 52672, Riverside, CA 92517 voice: (909) 778-9980 * fax: (702) 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
