[inbox] Re: [Full-Disclosure] Cisco LEAP exploit tool...
DaveHowe at cmn.sharp-uk.co.uk
Wed Apr 14 16:19:14 BST 2004
Curt Purdy wrote:
> Agreed. If the packets/hashes can be accessed it can be compromised.
> "Unbreakable" has been touted from the 48-bit Netscape encryption
> that took USC's distributed network a week to crack, to Oracle 9i
> that took one day to compromise, I believe.
You are preaching to the choir there - however, my boss is preferring to
believe the consultant's claims that the 10 minute key cycle (communicated
by TLS) makes the system unbreakable.... so it doesn't need to be on a DMZ
and can work "just like they were on the lan"
Full-Disclosure is hosted and sponsored by Secunia.