 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
My employer uses these cards too, except on ours the password changes about twice a minute. The card is the size of a credit card, but about three times thicker. It has a small window with an LCD display. To sign on, you have to type in 10 digits. 4 are constant, the other 6 come from the card. I assume the server uses the 4 digits to figure out which card you have, and eventually what number it should be showing, and that it allows for fast and slow clocks. In any case, the authentication dialog happens before the PPP or SLIP line discipline is started. I built a script which gets a number from the command line and writes it into a normal "pon" script, which then attempts to close the connection before that number expires. It's a marginal system. The SecureID, however, seems to be a very good system. I expect that most of the card volume is occupied by a battery. The thing runs for several years, then has to be replaced. For $50 or so. - Jim Van Zandt >X-Authentication-Warning: strange.bu.edu: slanning owned process doing -bs >Date: Wed, 30 Jun 1999 22:14:31 -0400 >From: Scott Lanning <slanning at buphy.bu.edu> >Content-Type: TEXT/PLAIN; charset=US-ASCII >Sender: owner-discuss at Blu.Org >Precedence: bulk > >>When I dial the company modem, I get connected to an IBM 8235 secure >>server, which prompts me for a user ID and password. The password, >>however, is not fixed: I get it from a "SecurID" card, which supplies a >>number that changes every ten seconds. > >Intriguing. Please clarify. Is the card synchronized with the server, >or...actually, is it a card as in credit card or as in network card? >Does the server emit an encrypted password for which you have the key? > >>So I have several questions: how do I find out if this is PPP or SLIP? > >Dial in with PPP. If it works, then it is PPP. If not, try SLIP. :) >However, if security is so crucial, it seems they would prefer PPP >because (I think I read) it is more secure. > >- >Subcription/unsubscription/info requests: send e-mail with >"subscribe", "unsubscribe", or "info" on the first line of the >message body to discuss-request at blu.org (Subject line is ignored). > - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
