SecurityFocus

At what layer to hash a password Jun 21 2010 01:06PM
Robin Wood (robin digininja org) (5 replies)

RE: At what layer to hash a password Jun 28 2010 08:37PM
Niels Teusink (teusink fox-it com) (1 replies)

Re: At what layer to hash a password Jun 29 2010 04:46AM
Chris Travers (chris metatrontech com)

On Mon, Jun 28, 2010 at 1:37 PM, Niels Teusink <teusink (at) fox-it (dot) com [email concealed]> wrote:

> No perfect solution I guess :) (especially if you have the multiple interfaces thing to take into account)

The perfect solution would be to use mod_auth_krb5 with Apache and
pass the ticket off to the application, database, etc. Only works
well on intranets though.....

Best Wishes,
Chris Travers

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]

RE: At what layer to hash a password Jun 26 2010 07:26PM
Dave Wichers (dave wichers aspectsecurity com) (1 replies)

Re: At what layer to hash a password Jun 26 2010 07:29PM
Robin Wood (robin digininja org)

Re: At what layer to hash a password Jun 26 2010 05:02PM
Javier Bassi (javierbassi gmail com) (1 replies)

Re: At what layer to hash a password Jun 29 2010 04:43AM
Chris Travers (chris metatrontech com)

Re: At what layer to hash a password Jun 26 2010 02:36PM
Chris Travers (chris metatrontech com)

Re: At what layer to hash a password Jun 26 2010 11:13AM
Tom Ritter (tom ritter vg) (1 replies)

Re: At what layer to hash a password Jun 28 2010 08:55AM
Grega Bremec (gregab p0f net) (2 replies)

Re:Re: At what layer to hash a password Jun 29 2010 01:48AM
è?? (deco1987 126 com)

Re: At what layer to hash a password Jun 28 2010 02:17PM
Robin Wood (robin digininja org)