Cisco VPN password recovery program
alaricd at pengdows.com
Wed Oct 19 10:45:38 EDT 2005
Perry E. Metzger wrote:
> Via cryptome:
> The Cisco VPN Client uses weak encryption to store user and group
> passwords in your local profile file. I coded a little tool to
> reveal the saved passwords from a given profile file.
> If this is true, it doesn't sound like Cisco used a particularly smart
> design for this.
Yeah, and they use simple character replacement for storing the admin
password on their DSL modems, specifically the 675 and 678 models, they
use telnet to admin the things and finally.... Their idea of how to
protect these modems from the CodeRED worm is to change the port the web
interface is listening on.
Cisco seems to be doing these kinds of boneheaded things for quite sometime.
*Alaric Dailey* Everyone deserves privacy.
Thawte ‘Web of Trust’ Notary Seal <http://www.thawte.com/wot> • Thawte
‘Web of Trust’ Notary <http://www.thawte.com/wot>
• CAcert ‘Web of Trust’ Assurer <http://www.cacert.org/wot.php?id=3>
• Notary Public CAcert ‘Web of Trust’ Assurer Seal <http://www.cacert.org>
ATTENTION USERS OF MICROSOFT OUTLOOK AND MICROSOFT OUTLOOK EXPRESS:
Some versions of these products have trouble replying to digitally
signed emails, like this one.
For more information on this error, and how to fix it, please visit Mark
Nobles website here <http://www.marknoble.com/tutorial/smime/smime.aspx>.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3544 bytes
Desc: S/MIME Cryptographic Signature
More information about the cryptography