I didn't give a full back ground in the original post. Eyevynd is
setting up Secure ID on a TIS Gauntlet to allow inbound connections
that will work with encryption.
About a year ago we were fiddling about with a Secure ID server and we had
a client set up to connect to the server, had the user enter the number
and followed this with user-id and password exchange followed by a crypto
session. We were trying to grab the connection as soon as the number and
user info was sent to the server but before the crypto started up.
Theoretically our connection hi-jacking packet sniffer should have been able
to grab the connection. In reality we never could. The Secure ID timing
parameters were very sensitive and we killed connections instead of
grabbing connections.
I saw a couple of sites where people were allowed to connect in from the
Internet using clear text for a few days when they were travelling.
Afterwards their access was blocked again but other people tried logging
in as them for weeks afterwards. This lead me to conclude there are
plenty of folks watching the Internet to see who has inbound access to
which network. You would be surprised which networks Bill Clinton tries
logging into. Of course I don't think this guy is the real President.
PoT_LiCkEr
|
|
