RE: Looking for "lease based popper access"

["R. DuFresne" <dufresne () sysinfo com>]

Has there been a patch released by the RSA folks to deal with it's recent
failing?  The impact of the RSA buffer overflow is that it affects all
applications built around it's core, this includes ssh, ssl enabled
webservers, etc..  Yep all those aplications built with RSA are now
exploitable, so, has a pacht been released that addresses this and allows
folks to patch RSAREF then rebuild all the applications that use it?

Thanks,

Ron DFresne

On Mon, 13 Dec 1999, Jan van Rensburg wrote:

> hi,
> not that i have a good solution for you, except maybe looking into RSA
> authentication, but:
>
> > Thus, when an employee was rejected access, they would send an email
> > that would invoke a procmail script that would add their IP address to
> > the file or table with an expiration date. Then the employee would not
> > be inconvenienced again until the lease expired.
>
> this can be too easily spoofed, and is a very bad idea. maybe you could
> install an ssh server on your side which only allows RSA auth for all users,
> and then tunnel pop3 via ssh port forwarding.
>
> --jan van rensburg

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!