>From WinZip help file: �Password protecting files in a Zip file provides a measure of protection against casual users who don't have the password and are trying to determine the contents of your files. The Zip 2.0 encryption format, however, is not as secure as DES and the RSA public key formats used by programs such as PGP��
Also, IIRC, a password-protected zip file still lets you see the names and types of files in the zip before asking for a password. This lets the attacker find out whether the downloading and running of a zip password breaking utility is worth the effort. Instead, use PGP. It allows you to create a self-decrypting executable using a passphrase. You can then send the encrypted file through regular e-mail and relay the passphrase through some other channel. The recipient requires no software either, which is not the case with zip files. Cheers, Dustin ----- Original Message ----- From: "Marc Spitzer" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, November 27, 2002 11:28 AM Subject: Re: How best to encrypt and email results.... > On Tue, 26 Nov 2002 21:06:10 +0000 > Mile Fivie <[EMAIL PROTECTED]> wrote: > > > Anyone got any good suggestions on how to best encrypt and email html > > results to my counterpart on the west coast? Ideally, no extra software > > required on his end. > > zip file with a password would do it. > > marc > > > > > I don't want to just email the damn thing in the clear. > > > > Any ideas would be appreciated. > > > > -Mike Fivie > > > > > > > > > > > > > > _________________________________________________________________ > > Tired of spam? Get advanced junk mail protection with MSN 8. > > http://join.msn.com/?page=features/junkmail > > > > - > > [EMAIL PROTECTED]: general discussions about Nessus. > > * To unsubscribe, send a mail to [EMAIL PROTECTED] with > > "unsubscribe nessus" in the body. > - > [EMAIL PROTECTED]: general discussions about Nessus. > * To unsubscribe, send a mail to [EMAIL PROTECTED] with > "unsubscribe nessus" in the body. > -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
