[Full-disclosure] Re: Most common keystroke loggers?
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] Re: Most common keystroke loggers?
- From: "Steven" <steven@xxxxxxxxxxx>
- Date: Wed, 21 Dec 2005 21:53:27 -0500

I would tend to have to agree with a lot of the responses to this thread. If
the machine is in fact compromised we cannot know if MITM attacks are occurring
or if an OTP is being stolen by a fake website (or the like). We also don't
know if the user has their password and information in size 72 font printed out
and posted on the wall. The point is that none of this matters. While it is
definitely good input, it does not help answer the OP's question. It would
seem to me that two-factor authentication (implemented correctly) would be
perfect for this matter.

I saw that someone wrote earlier that the one-time token from the two-factor
could just be logged and entered in again real quickly. I don't know this to
be the case. For example, I have never been in an environment that used RSA
SecurID that would allow for a second use of the token. If I logged into a
website or box and then 5 seconds later tried to log on to another (or the same)
machine, it would deny the authentication. IMO OTPs or two-factor (PIN + OTP)
would be a great fit for this problem.

Steven
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
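
The single-use behaviour described in the message above, sketched as an added example that is not part of the original post. It uses RFC 6238 TOTP as a stand-in for SecurID, and the names `OtpVerifier`, `verify` and `demo` and the sample PIN are hypothetical.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step (RFC 6238 default)

def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP value (RFC 4226) for one time-step counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class OtpVerifier:
    """Server-side PIN + OTP check that accepts each time step at most once."""

    def __init__(self, secret: bytes, pin: str, window: int = 1):
        self.secret = secret
        self.pin = pin
        self.window = window       # tolerated clock drift, in steps
        self.last_used_step = -1   # highest step already consumed

    def verify(self, pin: str, code: str, now: float) -> bool:
        pin_ok = hmac.compare_digest(pin.encode(), self.pin.encode())
        current = int(now // STEP)
        matched = None
        for step in range(current - self.window, current + self.window + 1):
            if hmac.compare_digest(totp(self.secret, step).encode(), code.encode()):
                matched = step
        if not pin_ok or matched is None:
            return False
        # Replay guard: a code for an already-consumed or older step is refused,
        # so a logged keystroke sequence cannot be entered a second time.
        if matched <= self.last_used_step:
            return False
        self.last_used_step = matched
        return True

def demo():
    secret = b"12345678901234567890"   # constructed sample seed (RFC 4226 test key)
    v = OtpVerifier(secret, pin="4821")  # constructed sample PIN
    t0 = 1_134_000_000.0               # constructed timestamp
    code = totp(secret, int(t0 // STEP))
    first = v.verify("4821", code, t0)        # legitimate login
    replay = v.verify("4821", code, t0 + 5)   # same code, 5 seconds later
    later = v.verify("4821", totp(secret, int((t0 + STEP) // STEP)), t0 + STEP)
    return first, replay, later
```

The replay guard only holds if `last_used_step` is shared by every system that authenticates against the same token, which is what a central authentication server provides.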