How we did it: Token security


To test security servers we reproduced a typical enterprise network and then tried to break into it. We required our test products to support Windows NT and Remote Authentication Dial-In User Service. Native support for hardware tokens from a variety of vendors was a plus.

We installed the vendors' security systems on our test network of eight Windows NT Workstation clients, two Windows NT Servers, two Sun Solaris workstations, and a Windows NT Remote Access Server (RAS). Our remote users were Windows NT Workstation clients, one dialing in to our RAS and the other accessing the network via the Internet.

To test the security servers' interoperability, we used two different types of routers, firewalls and virtual private networks. For edge routing and switching, we used an Intel Express Router and a Shiva LANRover Access Switch. We implemented security using Axent Raptor and Novell BorderWare firewalls. We installed all security server software on one of the Windows NT Server machines.

To evaluate management software, we added users, changed user profiles and security settings, and changed system configuration. We also checked each product's reporting capabilities by looking at event logs, incident reports and user lists generated by setting profile parameters. For example, we pulled reports of all the users that had 24-hour access and users who were only allowed to log on Monday through Friday.

We went about testing security the way any hacker would. We hacked passwords. We used some fairly nefarious tools to try to hack responses to server challenges. We entered invalid responses to security server challenges.

We tried to use hardware tokens registered with other networks to issue responses to server challenges. We hacked personal identification numbers (PINs). We entered invalid PINs on the tokens multiple times to see whether their lockout features worked. We used responses from random number generators and tried to access resources not authorized for our user IDs.



Copyright, 1994-2006 Network World, Inc. All rights reserved.