|
|
BugTraq
RSA SecurID SID800 Token vulnerable by design Sep 07 2006 06:49PM hadmut danisch de (Hadmut Danisch) (2 replies) Re: RSA SecurID SID800 Token vulnerable by design Sep 09 2006 09:41AM 3APA3A (3APA3A SECURITY NNOV RU) (2 replies) Re: RSA SecurID SID800 Token vulnerable by design Sep 09 2006 10:51PM Bojan Zdrnja (bojan zdrnja gmail com) (2 replies) Re[2]: RSA SecurID SID800 Token vulnerable by design Sep 11 2006 11:54AM 3APA3A (3APA3A SECURITY NNOV RU) RE: [Full-disclosure] Re: RSA SecurID SID800 Token vulnerable by design Sep 10 2006 02:27AM Lyal Collins (lyal collins key2it com au) Re: RSA SecurID SID800 Token vulnerable by design Sep 08 2006 10:33PM Bojan Zdrnja (bojan zdrnja gmail com) |
|
Privacy Statement |
> The only additional attack factor this issue creates is attacker can
> get _physical_ access to console with user's credentials _any time_
> while user is logged in, while in case token can not be red (e.g. it's
> not plugged to USB) he can only access console short after user logs in
> to compromised host (while token is not changed).
For web SSO in particular, accessing the token once is nearly as good
as accessing it constantly. The token will be used for the initial
authentication, but normally a cookie will be used for session
tracking. An attacker who can sniff the token code can certainly
steal the cookie as well.
Two-factor auth cannot be said to make accessing the network from a
compromised PC "safe". That does not make two-factor auth useless.
With plain passwords, once the attacker has the password, they can
access the network at will. With two-factor auth, they can access the
network for a much more limited time span.
Regards,
Brian
[ reply ]