Man in the middle Attacks from Blackhat
Why One-time Passwords Suck For MITM Attacks
Posted by CmdrTaco on Monday August 18, @05:11PM
from the my-password-is-pass1234 dept.
from the my-password-is-pass1234 dept.
whitehartstag writes “Black Hat 08 disclosed several SSL VPN and DNS vulnerabilities that caused several people to sit up and take notice. Some of these new exploits performed a brilliant Man-In-The-Middle attack on SSL VPN tunnels. This article walks you through how using certificates, instead of OTP tokens for second-factor authentication can increase the security of your SSL VPN against these new types of attacks.”
Tags: vulnerabilities, defcon, blackhat, attack
Loading ...