Home page logo

basics logo Security Basics mailing list archives

Re: RSA Compromise
From: navin1406 () yahoo com
Date: Sat, 2 Apr 2011 03:00:51 +0000

Hi Chris,

Let's assume you know random code range for my Securid, you will still need to know few things more:
1. My pin
2. Remote login URL to my infrastructure
3. My actual userid
4. My password for the internal resource

With even the default security measure deployed for failed attempts, how easier it would be for someone to use the 
random fab code and successfully get into someone's remote machine and steal data.

Please correct me if I am missing any points above.

Thank you,

Sent on my BlackBerry® from Vodafone

-----Original Message-----
From: "Chris Weber" <chris () casabasecurity com>
Date: Fri, 1 Apr 2011 15:34:22 
To: <navin1406 () yahoo com>; <security-basics () securityfocus com>
Subject: RE: RSA Compromise

Send me your SecurID and PIN and I'll tell you :)

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of navin1406 () yahoo com
Sent: Friday, April 01, 2011 12:49 PM
To: security-basics () securityfocus com
Subject: RSA Compromise

Hi Guys,

How serious does the RSA breach looks like and what proactive measures
should we take to mitigate exposure if any?


Sent on my BlackBerryR from Vodafone

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]