Posted by: Anonymous Coward
on September 28, 2005 11:51 PM
Yeah, I use RSA SecurID where I work, and that does help. But if you don't have some level of control for the remote tunnel end point, I can control the machine you connect from, and install some sort of access tool into your corporate network during your active session. The token based authentication will keep me from logging in as you, but after having a long enough period of unauthorized access during your logins, I will eventually find a way to make my access permenant. Strong authentication is better, but it's no substitute for having a trusted remote endpoint.
Learn about Linux
Download Linux
Get Linux help
Re:Corporate attitude
Posted by: Anonymous Coward on September 28, 2005 11:51 PMStrong authentication is better, but it's no substitute for having a trusted remote endpoint.
--charlie
#