Subject: Request for Help

Date   : Fri, 25 Nov 2011 14:52:37 +0000
From   : Martyn.Ruks@... (Martyn Ruks)
Subject: Request for Help - Security Research Project

If anyone can supply some captured network data of a couple of logon events
for different users and passwords I will have a crack at it from a crypto
analysis perspective. 

If you could provide suitably labelled data of all phases of the logon process
and the associated username and password used in each case it would be great. 

Ideally the logon attempts would be using IDs and passwords of your choice
but using this pattern of logons would help:

Attempt 1 - Username1 Password1
Attempt 2 - Username1 Password2
Attempt 3 - Username2 Password1
Attempt 4 - Username2 Password2

Thanks

MWR InfoSecurity
Churchill Plaza . Churchill Way . Basingstoke . RG21 7GP . UK

Tel +44 1256 300920
Fax  +44 1256 811227

www.mwrinfosecurity.com Information security risk, compliance and management
specialists

The information transmitted is intended only for the addressee and may contain 
confidential and/or privileged material. Any review, retransmission, dissemination 
or other use of, or taking of any action in reliance upon, this information 
by persons or entities other than the intended recipient is prohibited. 
Any opinions expressed in this email are those of the individual and not
necessarily the Company. If you receive this transmission in error, please
email to martyn.ruks@...
________________________________________
From: bbc-micro-bounces+martyn.ruks=mwrinfosecurity.com@...
[bbc-micro-bounces+martyn.ruks=mwrinfosecurity.com@...]
On Behalf Of Phil Blundell [philb@...]
Sent: 25 November 2011 10:11
To: Rick Murray
Cc: bbc-micro@...
Subject: Re: [BBC-Micro] Request for Help - Security Research Project

On Fri, 2011-11-25 at 06:30 +0100, Rick Murray wrote:
> Was this standard? I've just eyeballed RISC OS NetFS and I don't see any
> provision for this...
> <https://www.riscosopen.org/viewer/view/castle/RiscOS/Sources/FileSys/NetFS/NetFS/s/Commands?rev=4.3;content-type=text%2Fx-cvsweb-markup>

No, it was an SJ extension.  In particular this meant that the NetFiler
login dialog (i.e. the one you got if you clicked on the FS icon) just
did a straight *I AM with no encryption.  You needed to use the LOGON
utility from SJ's ArthurLib for secure logons.

p.

_______________________________________________
bbc-micro mailing list
bbc-micro@...
http://lists.cloud9.co.uk/mailman/listinfo/bbc-micro

<< Previous Message	Main Index	Next Message >>
<< Previous Message in Thread	This Month	Next Message in Thread >>

<< Previous Message	Main Index	Next Message >>
<< Previous Message in Thread	This Month	Next Message in Thread >>