Bugtraq mailing list archives
SecurID
From: peiterz () secnet com (Peiter Z)
Date: Tue, 17 Sep 1996 04:53:36 -0600
Vin wrote:
PeiterZ reported that he and his associates were able to penetrate SecurID-protected systems, apparently from the Internet. I don't doubt it, particularly if he was using TCP-splicing with, say, Hobbit's Netcat. An OTP, admittedly, does not secure the network.
We did not use TCP-splicing / session hi-jacking to penetrate the SecurID-protected systems. The attacks we used are in the white paper at ftp://ftp.secnet.com. PeiterZ
Current thread:
- Re: SecurID White Paper - A Comment, (continued)
- Re: SecurID White Paper - A Comment Adam Shostack (Sep 10)
- Re: SecurID White Paper - A Comment Alan Cox (Sep 11)
- Re: SecurID White Paper - A Comment Mike Neuman (Sep 11)
- Re: SecurID White Paper - A Comment Vin McLellan (Sep 13)
- Re: SecurID White Paper - A Comment Alan Cox (Sep 16)
- Re: SecurID White Paper - A Comment carson () lehman com (Sep 16)
- Vunerability in HP SAM ? John W. Jacobi (Sep 16)
- Re: SecurID White Paper - A Comment Elliot Lee (Sep 16)
- CERT Vendor-Initiated Bulletin VB-96.15 - SCO Security Bulletin CERT Bulletin (Sep 16)
- Re: SecurID White Paper - A Comment Alan Cox (Sep 16)
- Re: SecurID White Paper - A Comment What we're dealing with here is a blatant disrespect of the law! (Sep 16)
- SecurID Peiter Z (Sep 17)
- Re: SecurID White Paper - A Comment Vin McLellan (Sep 16)