Full Disclosure mailing list archives

Re: [inbox] Re: Cisco LEAP exploit tool...

From: "Dave Howe" <DaveHowe () cmn sharp-uk co uk>
Date: Wed, 14 Apr 2004 16:19:14 +0100

Curt Purdy wrote:

Agreed.  If the packets/hashes can be accessed it can be compromised.
"Unbreakable" has been touted from the 48-bit Netscape encryption
that took USC's distributed network a week to crack, to Oracle 9i
that took one day to compromise, I believe.

You are preaching to the choir there - however, my boss is preferring to
believe the consultant's claims that the 10 minute key cycle (communicated
by TLS) makes the system unbreakable.... so it doesn't need to be on a DMZ
and can work "just like they were on the lan"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Cisco LEAP exploit tool... Joel R. Helgeson (Apr 10)
- RE: Cisco LEAP exploit tool... Rafael Núñez (Apr 10)
- Re: Cisco LEAP exploit tool... Thomas (Apr 14)
  - Re: Cisco LEAP exploit tool... Dave Howe (Apr 14)
    - Re: Cisco LEAP exploit tool... Ron DuFresne (Apr 14)
    - RE: [inbox] Re: Cisco LEAP exploit tool... Curt Purdy (Apr 14)
    - Re: [inbox] Re: Cisco LEAP exploit tool... Dave Howe (Apr 14)
    - Re: Cisco LEAP exploit tool... mmo (Apr 14)
    - Re: Cisco LEAP exploit tool... Paul Schmehl (Apr 14)
    - Re: Cisco LEAP exploit tool... Valdis . Kletnieks (Apr 14)
    - Re: Cisco LEAP exploit tool... Ron DuFresne (Apr 14)
    - Re: Cisco LEAP exploit tool... Paul Schmehl (Apr 14)
    - Re: Cisco LEAP exploit tool... Ron DuFresne (Apr 14)
    - RE: Cisco LEAP exploit tool... Aditya, ALD [Aditya Lalit Deshmukh] (Apr 14)
    - Re: Cisco LEAP exploit tool... Chris Adams (Apr 15)
- <Possible follow-ups>
- RE: Cisco LEAP exploit tool... Perrymon, Josh L. (Apr 10)
  - Re: Cisco LEAP exploit tool... mmo (Apr 11)

(Thread continues...)