Executing a file remotely
Josiah Carlson
jcarlson at nospam.uci.edu
Mon Feb 16 13:23:17 EST 2004
> In that case you'd be better off with a good port of ssh, which encrypts
> passwords and traffic (although it probably doesn't matter much if both
> machines are on a LAN where lots of Windows passwords already travel in the
> clear).
NTLM and NT hashes are not plaintext, even though there are well
documented brute-force attacks against those hashes.
On the other hand, many web pages (or POP3, IMAP, FTP, etc.) still
prefer to authenticate users using plain or base64 encoded passwords,
without ssl. This is a bigger security hole than NTLM or NT hashes by a
long shot.
- Josiah
More information about the Python-list
mailing list