Prev: Getting Usenet headers into Access database
Next: Cheap Wholesale Chanel Shoes
From: Vincent on 12 Jul 2010 21:11
I'm not sure if anyone has a definitive answer on this, but thought I
would ask. If I establish a centrally located workgroup file on a
network share, are the passwords stored in the workgroup file
"sniffable" across the network? I have been running Wireshark while I
access the application across the network and have not seen the
password show up in my capture. But, I was wondering if there were
scenarios where this might occur.

Any insight into this is appreciated.

Thanks.

Vincent
From: The Frog on 13 Jul 2010 04:05
To the best of my knowledge it is not directly sniffable. I cannot
remember what crypto scheme it uses to encrypt the plaintext, but it
might be possible to identify the type of transmission (ie/ network
block type) with wireshark when the application is started, then
subsequently identify the actual comparison / lookup, then decrypt it.
In short it is probably do-able, I am just not sure that it is worth
the effort when you could probably just attack the workgroup file
directly, or the BE directly depending on your intent.

If security is a serious issue for you then you may want to consider a
product with a more capable and integrated security system. There are
plenty of good server type databases available on the market for free,
with good security models, and will still allow you to keep the FE you
have created in Access. Just a thought.

Cheers

The Frog
 | 
Pages: 1
Prev: Getting Usenet headers into Access database
Next: Cheap Wholesale Chanel Shoes