Firewall Wizards mailing list archives

RE: Transitive Trust: 40 million credit cards hack'd

From: "Marcus J. Ranum" <mjr () ranum com>
Date: Sun, 19 Jun 2005 17:39:47 -0400

David Lang wrote:

2. require authentication that isn't fully contained on the remote system (i.e. a token or one-time password, a 
digital certificate with a passphrase is NOT good enough)


That doesn't work, either. If you assume that the endpoint is insecure
(and it is, so that's a safe assumption) the 2 factor authentication works
only because it's harder to bypass than a password. If everyone was
using 2 factor authentication, you can bet hacker toolkits would be
full of nasty rootkits and malware that stole live sessions, or typed
keystrokes into live sessions once they came up (transparently, of course)

mjr. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Host based vs network firewall in datacenter, (continued)
- Re: Host based vs network firewall in datacenter Devdas Bhagat (Jun 13)
  - Re: Host based vs network firewall in datacenter Alin-Adrian Anton (Jun 17)
    - Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 18)
    - Re: Transitive Trust: 40 million credit cards hack'd Vin McLellan (Jun 18)
    - Re: Transitive Trust: 40 million credit cards hack'd George Capehart (Jun 18)
    - RE: Transitive Trust: 40 million credit cards hack'd Bill Royds (Jun 18)
    - RE: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 18)
    - RE: Transitive Trust: 40 million credit cards hack'd Brian Loe (Jun 19)
    - RE: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 19)
    - RE: Transitive Trust: 40 million credit cards hack'd David Lang (Jun 19)
    - RE: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 19)
    - Re: Transitive Trust: 40 million credit cards hack'd Darren Reed (Jun 20)
    - Re: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 20)
    - RE: Transitive Trust: 40 million credit cards hack'd Paul D. Robertson (Jun 19)
    - Re: Transitive Trust: 40 million credit cards hack'd ArkanoiD (Jun 29)
    - Re: Transitive Trust: 40 million credit cards hack'd Paul D. Robertson (Jun 30)
    - RE: Transitive Trust: 40 million credit cards hack'd Paul Melson (Jun 21)
    - Re: Host based vs network firewall in datacenter sin (Jun 30)
- Re: Host based vs network firewall in datacenter Victor Williams (Jun 13)
- Re: Host based vs network firewall in datacenter Daniel Linder (Jun 15)
- Re: Host based vs network firewall in datacenter Chuck Swiger (Jun 15)

(Thread continues...)