Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Most common keystroke loggers?

From: "Steven" <steven () lovebug org>
Date: Wed, 21 Dec 2005 21:53:27 -0500
I would tend to have to agree with a lot of the responses to this thread.  If the machine is in fact compromised we 
cannot know if MITM attacks are occuring or if a OTP is being stolen by a fake website (or the likes).  We also don't 
know if the user has their password and information in size 72 font printed out and posted on the wall.  The point is 
that none of this matters.  While it is definitely good input, it does not help answer the OP's question.  It would 
seem to me that two-factor authentication (implemented correctly) would be perfect for this matter.

I saw that someone wrote earlier that the one time token from the two-factor could just be logged and entered in again 
real quickly.  I don't know this to be the case.  For example, I have never been in an environment that used RSA 
SecurID that would allow for a second use the the token.  If I logged into a website or box and then 5 seconds later 
tried to logon another (or the same) machine, it would deny the authentication.  IMO OTPs or two-factor (pin + OTP) 
would be a great fit for this problem.

Steven
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: