RE: is the latest ISA2000 security update a dud?

• From: "Ball, Dan" <DBall@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 27 Jun 2005 09:17:54 -0400

That's quite possible, but not that simple.  On an internal network,
with the newer switches, a packet sniffer only catches broadcast traffic
by default.  They'd have to be able to hack into the switch itself and
make the port they're plugged into a monitor port (where it gets ALL
traffic) in order to capture that kind of traffic.  

 

Again, not saying it can't be done, they are several ways it "could" be
done.  But the average person that is going to be causing problems (saw
a report that 86% of malicious hacking is done by disgruntled employees)
isn't going to be able to figure out how to do it very easily.

 

Of course, what you're describing is using someone else's network, so
anything goes.  Also, in public access locations like airports and such,
you're far more likely to encounter a serious hacker.  If we had
information here that was really worth anything, I'd consider a password
policy like that also.  As it stands right now, only the people with
administrative privileges have a harsher password policy.  The rest are
still having a really hard time with a five-letter minimum and not being
able to use the same password twice in a row.  However, they discovered
that if they keep switching back and forth between two passwords it
would work, so I might have to change it.

 

________________________________

From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Monday, June 27, 2005 08:34
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: is the latest ISA2000 security update a dud?

 

http://www.ISAserver.org

Hi Dan,

From what I understand (which could be wrong), they could capture the
password hash over the wire, and run it against a Rainbow crack. That's
why I've upgraded our password policy to 24+ characters, since we use
secure Exchange RPC to connect from places like airports and such.

 

Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

Other related posts:

• » is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?
• » RE: is the latest ISA2000 security update a dud?

1. Home
2. isalist
3. Archive
4. 06-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---