Security Basics mailing list archives

Re: RSA Compromise

From: navin1406 () yahoo com
Date: Sat, 2 Apr 2011 03:00:51 +0000

Hi Chris,

Let's assume you know random code range for my Securid, you will still need to know few things more:
1. My pin
2. Remote login URL to my infrastructure
3. My actual userid
4. My password for the internal resource

With even the default security measure deployed for failed attempts, how easier it would be for someone to use the 
random fab code and successfully get into someone's remote machine and steal data.

Please correct me if I am missing any points above.

Thank you,

Navin
Sent on my BlackBerry® from Vodafone

-----Original Message-----
From: "Chris Weber" <chris () casabasecurity com>
Date: Fri, 1 Apr 2011 15:34:22 
To: <navin1406 () yahoo com>; <security-basics () securityfocus com>
Subject: RE: RSA Compromise

Send me your SecurID and PIN and I'll tell you :)

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of navin1406 () yahoo com
Sent: Friday, April 01, 2011 12:49 PM
To: security-basics () securityfocus com
Subject: RSA Compromise

Hi Guys,

How serious does the RSA breach looks like and what proactive measures
should we take to mitigate exposure if any?

Thanks,

Navin
Sent on my BlackBerryR from Vodafone

Current thread:

RSA Compromise navin1406 (Apr 01)
- RE: RSA Compromise Valin, Christian (Apr 05)
- Re: RSA Compromise Ivan . (Apr 05)
- Re: RSA Compromise Spacerat (Apr 05)
- RE: RSA Compromise Chris Weber (Apr 05)
  - Re: RSA Compromise navin1406 (Apr 05)
- Re: RSA Compromise techfrancis (Apr 05)
- RE: RSA Compromise faruk (Apr 05)
- Re: RSA Compromise Juan Morales (Apr 07)
  - Re: RSA Compromise Benjamin Kenneally (Apr 07)
- Re: RSA Compromise amolarakh (Apr 07)