Eset unencrypted user details

Discussion in 'ESET Smart Security' started by sladdy, Jun 12, 2013.

Thread Status:
Not open for further replies.
  1. sladdy

    sladdy Registered Member

    Joined:
    Jun 12, 2013
    Posts:
    1
    My IPS warns me about Eset Smart Security 6.0.316.3 sending unsecure authentication to Eset servers:

    Destination: 91.228.166.15:80
    Warning: 1:2006380 ET POLICY Outgoing Basic Auth Base64 HTTP Password detected unencrypted.

    Should I be worried about attacks (i.e. mitm)?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,375
    Although it's possible to eavesdrop the communication with update servers, "stealing" the username and password wouldn't give the potential attacker interesting benefits like it would be in case of financial transactions or other important and confidential data.
     
Thread Status:
Not open for further replies.