[<prev] [next>] [day] [month] [year] [list]
Message-ID: <001c01c606a2$e2dd4b60$c801a8c0@island55>
Date: Thu Dec 22 02:55:43 2005
From: steven at lovebug.org (Steven)
Subject: Re: Most common keystroke loggers?
I would tend to have to agree with a lot of the responses to this thread. If the machine is in fact compromised we cannot know if MITM attacks are occuring or if a OTP is being stolen by a fake website (or the likes). We also don't know if the user has their password and information in size 72 font printed out and posted on the wall. The point is that none of this matters. While it is definitely good input, it does not help answer the OP's question. It would seem to me that two-factor authentication (implemented correctly) would be perfect for this matter.
I saw that someone wrote earlier that the one time token from the two-factor could just be logged and entered in again real quickly. I don't know this to be the case. For example, I have never been in an environment that used RSA SecurID that would allow for a second use the the token. If I logged into a website or box and then 5 seconds later tried to logon another (or the same) machine, it would deny the authentication. IMO OTPs or two-factor (pin + OTP) would be a great fit for this problem.
Steven
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051221/8b05d80a/attachment.html
Powered by blists - more mailing lists