[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Emergency! Need single use passwords!

To: [email protected] (Lance Cottrell)
Subject: Re: Emergency! Need single use passwords!
From: Adam Shostack <[email protected]>
Date: Tue, 13 Dec 94 23:09:59 EST
Cc: [email protected] (Cypherpunks Mailing List)
In-Reply-To: <[email protected]>; from "Lance Cottrell" at Dec 13, 94 7:29 pm
Sender: [email protected]


| Hi all. We discovered that someone has been
| running a packet sniffer on our subnet of several
| dozen computers. He has all the passwords.
| This is my chance to try to get single use password
| login programs installed here. Please give me recomendations
| and ftp locations.

	S/Key is a very nice software only solution (no smart cards).
It has clients for Mac, PC, Unix, and supports paper lists as well.
Can be configured to only be invoked if the connection is from outside
your net.  ftp.win.tue.nl:/pub/security/logdaemon.tar.Z

	In quick reply to Derek's suggestion of Kerberos, I will point
out that Kerberos does not deal well with remote users. As far as I
know, you need a special connection mechanisim or your password will
travel in the clear to the boundary of your keberized network.  (There
is Kerberos support for S/key, there may be telnet programs.  There is
no paper list or palmtop support.)

Adam

	If you're interested, I can mail you the intro to S/Key sent
to our user community.  It covers S/key and PGP, since we have users
all over the globe.

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume

References:
- Emergency! Need single use passwords!
  - From: [email protected] (Lance Cottrell)

Prev by Date: No Subject
Next by Date: Encrypted Credit Card Numbers For Transmission....
Prev by thread: Re: Emergency! Need single use passwords!
Next by thread: Re: Emergency! Need single use passwords!
Index(es):
- Date
- Thread