[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emergency! Need single use passwords!
-----BEGIN PGP SIGNED MESSAGE-----
>| Hi all. We discovered that someone has been
>| running a packet sniffer on our subnet of several
>| dozen computers. He has all the passwords.
>| This is my chance to try to get single use password
>| login programs installed here. Please give me recomendations
>| and ftp locations.
>
> S/Key is a very nice software only solution (no smart cards).
>It has clients for Mac, PC, Unix, and supports paper lists as well.
>Can be configured to only be invoked if the connection is from outside
>your net. ftp.win.tue.nl:/pub/security/logdaemon.tar.Z
>
> In quick reply to Derek's suggestion of Kerberos, I will point
>out that Kerberos does not deal well with remote users. As far as I
>know, you need a special connection mechanisim or your password will
>travel in the clear to the boundary of your keberized network. (There
>is Kerberos support for S/key, there may be telnet programs. There is
>no paper list or palmtop support.)
>
>Adam
>
> If you're interested, I can mail you the intro to S/Key sent
>to our user community. It covers S/key and PGP, since we have users
>all over the globe.
>
>--
>"It is seldom that liberty of any kind is lost all at once."
> -Hume
Wonderful, thanks. That is exactly what I was looking for. I forgot the name of
the program.
BTW, remailer@nately and mixmaster@nately will be down till tomorrow morning
because we yanked the thicknet connection out of our Ethernet repeater. Lets
see a hacker get through THAT security ;)
No messages will be lost. They should be back up around 11:00 AM PST tomorrow.
To spare you other remailer operators out there a flood of messages, I turned
off my pinging scripts ;)
-----BEGIN PGP SIGNATURE-----
Version: 2.6
iQCVAwUBLu6LblVkk3dax7hlAQHq6gP+NnwclSRJ9b9G5qV9qsfE/1MH0o+K+vcq
2JNRgPgPhdo9CrBO+c65KnVXXse8k6wiAY2vcwJdN/01c4SmqoHnrAU0n7Zpoyxx
v3uilFCBIOLw4jtwBPq8ipspYDJior5q86Shhc1Cy66iPyU67DOiXMDssucBGLaU
w3rgkImkCHU=
=jZ6r
-----END PGP SIGNATURE-----
--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
[email protected]
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail [email protected] Subject: remailer-help
"Love is a snowmobile racing across the tundra. Suddenly
it flips over, pinning you underneath. At night the ice
weasels come."
--Nietzsche