Firewall Wizards mailing list archives

Re: Username password VS hardware token plus PIN

From: Dragos Ruiu <dr () kyx net>
Date: Wed, 23 Feb 2005 15:38:25 -0800

On February 22, 2005 03:13 pm, Frank Knobbe wrote:

On Wed, 2005-02-23 at 01:38 +0300, ArkanoiD wrote:

Aren't you afraid of BT-transmitted worm with keylogger feature? ;-))


Nope. Being security conscious, BlueTooth is disabled. (Actually, Nokia
did a good job keeping BT and IrDA disabled by default until you need
it.)  Also, a port scan when connected to Wifi didn't show any surface
to scratch on. That leaves attacks via email and MM-SMS messages.


Is it _really_ disabled, or is it just turning off address beaconing?
If the latter a brute force address searcher (c.f. RedFang and others)
may still find it.

cheers,
--dr
-- 
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada       May 4-6 2005  http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Username password VS hardware token plus PIN MHawkins (Feb 22)
- Message not available
  - Re: Username password VS hardware token plus PIN Marcus J. Ranum (Feb 22)
    - Re: Username password VS hardware token plus PIN Frank Knobbe (Feb 22)
    - Re: Username password VS hardware token plus PIN Marcus J. Ranum (Feb 22)
    - Re: Username password VS hardware token plus PIN Frank Knobbe (Feb 22)
    - Re: Username password VS hardware token plus PIN Marcus J. Ranum (Feb 22)
    - Re: Username password VS hardware token plus PIN Frank Knobbe (Feb 22)
    - Re: Username password VS hardware token plus PIN ArkanoiD (Feb 22)
    - Re: Username password VS hardware token plus PIN Frank Knobbe (Feb 22)
    - Re: Username password VS hardware token plus PIN Dragos Ruiu (Feb 23)
    - Re: Username password VS hardware token plus PIN ArkanoiD (Feb 24)
    - Re: Username password VS hardware token plus PIN ArkanoiD (Feb 23)
    - Re: Username password VS hardware token plus PIN Frank Knobbe (Feb 23)
    - Re: Username password VS hardware token plus PIN ArkanoiD (Feb 22)
    - Re: Username password VS hardware token plus PIN Adam Shostack (Feb 22)
    - SSL cert expiration hermit921 (Feb 23)
    - Re: Username password VS hardware token plus PIN Dragos Ruiu (Feb 23)
    - Re: Username password VS hardware token plus PIN Marcus J. Ranum (Feb 23)
    - Re: Username password VS hardware token plus PIN Dragos Ruiu (Feb 24)
    - Re: Username password VS hardware token plus PIN ArkanoiD (Feb 24)

(Thread continues...)