Re: Cisco VPN config files converter
- From: Bill Moss <bmoss clemson edu>
- To: networkmanager list <networkmanager-list gnome org>
- Subject: Re: Cisco VPN config files converter
- Date: Wed, 25 May 2005 19:16:10 -0400
A couple of points about decoding encrypted Cisco Group passwords (Secrets).
1. Anyone with an early version of the Cisco VPN client (4.0.3.B) can do
the conversion without using the web site. All the web site does is
automate the process.
2. Cisco has announced they will close the security hole but not when.
3. Other vpnc front ends like kvpnc have a similar import utility.
4. What liability is involved in exploiting this security hole? The web
site you reference has a note that the Secret should be obtained from
your network admin. Not all network admins may be happy about the decoding.
5. Whatever you do make sure the user is informed if the the import
utility fails to find the Secret for whatever reason.
--
Bill Moss
Professor, Mathematical Sciences
Clemson University
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
