[86611] in North American Network Operators' Group
Re: the iab simplifies internet architecture!
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Fri Nov 11 13:42:17 2005
Date: Fri, 11 Nov 2005 18:41:18 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <4374E541.9080906@globalstar.com>
To: Crist Clark <crist.clark@globalstar.com>
Cc: Sam Crooks <scrooks@ebocom.net>, Randy Bush <randy@psg.com>,
bmanning@vacation.karoshi.com, nanog@nanog.org
Errors-To: owner-nanog@merit.edu
On Fri, 11 Nov 2005, Crist Clark wrote:
>
> Christopher L. Morrow wrote:
> > encrypted how? cyrpt? md5? cisco7? Some way proven to take 'very long' to
> > decrypt? is the passwd really necessary or is only the hash required? this
> > is just wholey irresponsible of any vendor, nevermind one that should
> > really know better :(
>
> http://www.cisco.com/warp/public/707/cisco-sn-20040415-grppass.shtml
>
> "The Group Password used by the Cisco Internet Protocol Security (IPsec)
> virtual private network (VPN) client is scrambled on the hard drive, but
> unscrambled in memory. This password can now be recovered on both the
> Linux and Microsoft Windows platform implementations of the Cisco IPsec
> VPN client."
somehow that doesn't re-assure me...
