January 2010
Beginner to intermediate
936 pages
27h 45m
English
Content preview from Mac® Security Bible
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
9.2. Logging In Securely
The first potential security hole in your email setup involves the credentials you use to log in to check and send email. Needless to say, whoever can guess or steal your password can log in to your account — checking your email and sending email in your name. Because your username is usually either your email address or the portion of the address before the @ sign, only your password is truly confidential, and it pays to keep it that way. And yet, by default, many email clients send this information in cleartext over the Internet when logging in to mail servers, and it's easily intercepted by anyone with access to any of the network segments between your computer and the server.
Several methods are available to encrypt your credentials in the process of logging in to your mail server, so that even if someone is eavesdropping on your network traffic, at least that crucial information remains hidden. As long as your ISP or email provider supports secure logins (as most do), you should make use of this capability. Be sure to check with your provider to see which method(s) of secure login they support, such as MD5 Challenge-Response, NTLM (NT LAN Manager), or Kerberos.
NOTE
If you use SSL to send and receive mail, as described later in this chapter, your logins are already encrypted, even if your client appears to be configured to use an insecure login method.
Secure logins don't mean your email itself is encrypted, but they do mean that the only data eavesdroppers ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.