Firewall Wizards mailing list archives
Re: Radius access from provider to internal MS ISA Server
From: "Kyle R. Hofmann" <krh () lemniscate net>
Date: Fri, 05 Jul 2002 14:29:59 -0700
On Fri, 05 Jul 2002 11:53:54 -0400, Paul Robertson wrote:
your Radius box is giving the challenges then as long as they're "unique in space and time" and not predictable then you're probably safe from everything but a password guessing attack (modulo MD5 attacks). In other words, use good passwords - but you probably didn't need to be told that.IMO, strong passwords are dead- dictionaries are too good now, if you're using reusable passwords, you should assume compromised credentials at some level, esepcially if a third party gets to participate.
Dictionaries are only too good if you use them to find your passwords. What's wrong with using a random device and a Perl script?: $ uname OpenBSD $ perl -we 'open(RND, "/dev/arandom");read(RND,$x,15);@x=split //,$x;for(@x){next if(ord($_)>191);print chr((ord($_)%96)+32);}print "\n";' O6G2c}S#@|TS & $ Try finding O6G2c}S#@|TS in a dictionary. And if you can't remember it, write it down on a slip of paper and put it in your wallet. -- Kyle R. Hofmann <krh () lemniscate net> _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Radius access from provider to internal MS ISA Server Christoph Steigmeier (Jul 04)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 04)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 05)
- RE: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 05)
- Re: Radius access from provider to internal MS ISA Server Kyle R. Hofmann (Jul 05)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 05)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 07)
- RE: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 07)
- RE: strong passwords (was Radius/MS ISA stuff) Ben Nagy (Jul 08)
- RE: strong passwords (was Radius/MS ISA stuff) Paul Robertson (Jul 08)
- Re: strong passwords (was Radius/MS ISA stuff) Barney Wolff (Jul 08)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 05)
- RE: strong passwords (was Radius/MS ISA stuff) Bill Royds (Jul 08)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 04)
- RE: Radius access from provider to internal MS ISA Server R. DuFresne (Jul 06)
- RE: Radius access from provider to internal MS ISA Server Bill Royds (Jul 06)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 07)