From: Pavel Kankovsky (peakargo.troja.mff.cuni.cz)
Date: Sun Nov 18 2001 - 14:40:45 CST

    On Thu, 15 Nov 2001, Alan J Rosenthal wrote:

    > A login prompt for a non-account looks like this:
    >
    > login: flomp
    > otp-md5 175 at2078 ext
    > Response:
    >
    > So far, so good. But press return once or twice to get "Login incorrect"
    > (or make a new connection), and then do
    >
    > login: flomp
    > otp-md5 220 at0624 ext
    > Response:
    >
    > Either the user just set a new passphrase in this one-second interval, or
    > "flomp" does not exist.

    Seed the PRNG generating this fake challenge with the given username and
    nothing but the username (and perhaps some *static* secret data).

    --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
    "Resistance is futile. Open your source code and prepare for assimilation."
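
One way to implement the suggestion in the reply above, as an added example that is not part of the original message or of any OTP implementation's code. HMAC-SHA256 stands in for the seeded PRNG, and `STATIC_SECRET`, `fake_challenge`, `challenge_for`, the account table, and the 1..499 sequence range are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumption: a per-host secret created once at install time and readable only
# by the login service. This value is constructed for the example.
STATIC_SECRET = b"constructed-example-secret"

LETTERS = "abcdefghijklmnopqrstuvwxyz"


def fake_challenge(username: str, secret: bytes = STATIC_SECRET) -> str:
    """Deterministic challenge for a username that has no OTP entry."""
    # HMAC stands in for "PRNG seeded with username + static secret": the
    # output depends on nothing else, so every prompt for this name matches.
    d = hmac.new(secret, username.encode("utf-8"), hashlib.sha256).digest()
    seq = 1 + int.from_bytes(d[0:4], "big") % 499  # 1..499 (assumed range)
    seed = (LETTERS[d[4] % 26] + LETTERS[d[5] % 26]
            + f"{int.from_bytes(d[6:10], 'big') % 10000:04d}")
    return f"otp-md5 {seq} {seed} ext"


def challenge_for(username: str, accounts: dict) -> str:
    """Real challenge for enrolled users, stable fake one for everyone else."""
    entry = accounts.get(username)
    if entry is None:
        return fake_challenge(username)
    seq, seed = entry
    return f"otp-md5 {seq} {seed} ext"


if __name__ == "__main__":
    # Constructed account table: username -> (next sequence number, seed).
    accounts = {"alice": (487, "ke1234")}
    for name in ("flomp", "flomp", "alice"):
        print(name, "->", challenge_for(name, accounts))
```

This covers only the repeated-prompt case from the quoted message. A real account's sequence number decreases with each successful login, so a fake challenge that never changes can still stand out to someone comparing prompts over a long period.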