[5674] in Kerberos
Re: authentication secure?
daemon@ATHENA.MIT.EDU (smb@research.att.com)
Fri Aug 11 11:43:34 1995
From: smb@research.att.com
To: Sam Hartman <hartmans@MIT.EDU>
Cc: Art Houle <houle@acns.fsu.edu>, Joe Beiter <jwb@wilbur.hhisland.com>,
kerberos@MIT.EDU
Date: Fri, 11 Aug 95 11:33:00 EDT
Socially accepted practice at MIT is that you can type your
root instance password over a dialup line *directly connected to a
workstation*. However, you are expected to change your password as
soon as you get to a secure location. Also, this is only done in
emergencies. The general rule of thumb is only type passwords over an
end-to-end secure channel, and with the availability of SLIP/PPP, this
just really isn't that hard to accomplish.
Social engineering is probably cheaper than connecting a modem
to a phone line. However, we can only do so much about social
attacks; we can be as paranoid as we like about technical attacks.
I heard of an interesting case recently. A letter went out from the
mail room announcing a new phone number for the modem pool.... I suspect
I don't have to finish the story, but I will anyway -- the attacker
used social methods to accomplish a monkey in the middle attack with
nothing more sophisticated than a pair of modems and a PC.