MySQL Forums
Forum List  »  Security

Could a password be packet sniffed?
Posted by: Lee T
Date: June 17, 2010 06:46AM

Hi,

I am doing a desktop application that will use a single read/write account to access the database (the application will then take care of user security).

My question is, could a user install something like wireshark and do a packet capture and get the username & password for the read/write account which would then allow them access to the DB from another manager?

I ran wireshark myself, and I did see data in the packet captures but did not come across the username/password, but I'm not that familiar with wireshark so it could be there and I just missed it.

If this could be done, is an SSL connection the only way to prevent this?

Thanks.

Options: ReplyQuote


Subject
Views
Written By
Posted
Could a password be packet sniffed?
11250
June 17, 2010 06:46AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.