1994-12-14 - Re: Emergency! Need single use passwords!

Header Data

From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
To: cypherpunks@toad.com
Message Hash: d466502619a18b33fd33bc8d08c4757d2192b1ee67969fb1111c4e1c2306de7f
Message ID: <ab143ad9040210044bfd@[137.110.24.249]>
Reply To: N/A
UTC Datetime: 1994-12-14 06:11:57 UTC
Raw Date: Tue, 13 Dec 94 22:11:57 PST

Raw message

From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Tue, 13 Dec 94 22:11:57 PST
To: cypherpunks@toad.com
Subject: Re: Emergency! Need single use passwords!
Message-ID: <ab143ad9040210044bfd@[137.110.24.249]>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>| Hi all. We discovered that someone has been
>| running a packet sniffer on our subnet of several
>| dozen computers. He has all the passwords.
>| This is my chance to try to get single use password
>| login programs installed here. Please give me recomendations
>| and ftp locations.
>
>        S/Key is a very nice software only solution (no smart cards).
>It has clients for Mac, PC, Unix, and supports paper lists as well.
>Can be configured to only be invoked if the connection is from outside
>your net.  ftp.win.tue.nl:/pub/security/logdaemon.tar.Z
>
>        In quick reply to Derek's suggestion of Kerberos, I will point
>out that Kerberos does not deal well with remote users. As far as I
>know, you need a special connection mechanisim or your password will
>travel in the clear to the boundary of your keberized network.  (There
>is Kerberos support for S/key, there may be telnet programs.  There is
>no paper list or palmtop support.)
>
>Adam
>
>        If you're interested, I can mail you the intro to S/Key sent
>to our user community.  It covers S/key and PGP, since we have users
>all over the globe.
>
>--
>"It is seldom that liberty of any kind is lost all at once."
>                                                       -Hume

Wonderful, thanks. That is exactly what I was looking for. I forgot the name of
the program.

BTW, remailer@nately and mixmaster@nately will be down till tomorrow morning
because we yanked the thicknet connection out of our Ethernet repeater. Lets
see a hacker get through THAT security ;)
No messages will be lost. They should be back up around 11:00 AM PST tomorrow.
To spare you other remailer operators out there a flood of messages, I turned
off my pinging scripts ;)
-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLu6LblVkk3dax7hlAQHq6gP+NnwclSRJ9b9G5qV9qsfE/1MH0o+K+vcq
2JNRgPgPhdo9CrBO+c65KnVXXse8k6wiAY2vcwJdN/01c4SmqoHnrAU0n7Zpoyxx
v3uilFCBIOLw4jtwBPq8ipspYDJior5q86Shhc1Cy66iPyU67DOiXMDssucBGLaU
w3rgkImkCHU=
=jZ6r
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche







Thread