funsec mailing list archives
RE: The end of Phishing in sight?
From: "Henderson, Dennis K." <Dennis.Henderson () umb com>
Date: Mon, 17 Oct 2005 17:25:40 -0500
Securid's pins are consumed as they are used, pin sync or login. Log it all you want.... no dice. _____ From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Security Lists Sent: Monday, October 17, 2005 3:39 PM To: funsec () linuxbox org Subject: Re: [funsec] The end of Phishing in sight? I believe a SecurID token has a full 3-minute window of opportunity (more if you can get the user to enter two subsequent token #'s I believe, that's what's needed for token resync sequence), Phisher could simply script an instant automated MITM that would log them in on-the-fly, PIN and all. -Mark C Dave Killion wrote: On 10/17/05, Paul Schmehl <pauls () utdallas edu> wrote: OK, I'll bite. Are the banks going to be forced to provide the readers? Or is online banking going to become a thing of the past? ETrade is already providing certain select customers with SecurID tokens. -- Dave Killion, CISSP Contributing Author, Configuring NetScreen Firewalls PGP Key Fingerprint: E477 488D 4340 D04F DD94 2A65 048C B376 D50B 45C8 _____ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: The end of Phishing in sight?, (continued)
- Re: The end of Phishing in sight? Florian Weimer (Oct 17)
- Re[2]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
- Re: Re[2]: The end of Phishing in sight? Douglas F. Calvert (Oct 17)
- Re[4]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
- Re: The end of Phishing in sight? Valdis . Kletnieks (Oct 17)
- Re: The end of Phishing in sight? Blue Boar (Oct 17)
- Re[4]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
- RE: The end of Phishing in sight? Richard M. Smith (Oct 17)
- Re: The end of Phishing in sight? Mark C (Oct 17)
- Re: The end of Phishing in sight? Douglas F. Calvert (Oct 17)
- Re: Re[4]: The end of Phishing in sight? Douglas F. Calvert (Oct 17)
- Re: The end of Phishing in sight? Security Lists (Oct 18)
- RE: The end of Phishing in sight? Richard M. Smith (Oct 18)