whitehartstag writes “Black Hat 08 disclosed several SSL VPN and DNS vulnerabilities that caused several people to sit up and take notice. Some of these new exploits performed a brilliant Man-In-The-Middle attack on SSL VPN tunnels. This article walks you through how using certificates, instead of OTP tokens for second-factor authentication can increase the security of your SSL VPN against these new types of attacks.”
Read more of this story at Slashdot.
No Comments, Comment or Ping
Reply to “Why One-time Passwords Suck For MITM Attacks”