| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: kdebisschop at alert.infoplease.com (Karl DeBisschop) Subject: How to easily bypass a firewall... On Tue, 2003-07-29 at 12:35, Kain wrote: > On Tue, Jul 29, 2003 at 12:01:42PM -0400, compguruman@...l.comcast.net wrote: > > At 03:49 PM 7/28/2003 -0500, you wrote: > > >5. Firewall dialog box uses random numbers / letters represented by graphics > > >that the user has to enter in a password field if the password is not > > >correct sound alarm, halt system. > > > > know of anything that does this? > Well, the signup procedures for some services, such as Yahoo, Paypal etc do > this, but they have the advantage that your application trying to spoof the > response cannot access the memory space of the running program. Of course this does not work if you are blind using voice reader (or braille reader) to access the website. Same would apply to a firewall. I think that sort of design may preclude the product from US government purchases, but that's just a guess on my part. -- Karl DeBisschop <kdebisschop@...rt.infoplease.com> Pearson Education/Information Please
Powered by blists - more mailing lists