James R. Van Zandt wrote:
> Yes, MITRE got a black eye over that one. Right after
> that, they started requiring SecurID authentication for
> any access from outside to inside: dialup, ftp, telnet,
> or ssh.
I will admit that SecureID was a nice remote authentication system, and
it *WAS* secure. Unfortunately, as soon as RSA and SDI had their little
buy-out about a year ago, they went down hill. There are bugs in there
implementations of both RADIUS and TACACS, they screwed up the time-sync
algorithm, and there were rumors that they were going to stop releasing
the ACE sever for Solaris and go strictly with NT. Not to mention that
they were quite adamant that they would never port to Linux because OSS
was too insecure. One thing that I have to say in their favor is that
they are 1000 times better than Axent Technologies Defender system....
Kenny
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
