11 Nov
2005
11 Nov
'05
1:41 p.m.
On Fri, 11 Nov 2005, Crist Clark wrote:
Christopher L. Morrow wrote:
encrypted how? cyrpt? md5? cisco7? Some way proven to take 'very long' to decrypt? is the passwd really necessary or is only the hash required? this is just wholey irresponsible of any vendor, nevermind one that should really know better :(
http://www.cisco.com/warp/public/707/cisco-sn-20040415-grppass.shtml
"The Group Password used by the Cisco Internet Protocol Security (IPsec) virtual private network (VPN) client is scrambled on the hard drive, but unscrambled in memory. This password can now be recovered on both the Linux and Microsoft Windows platform implementations of the Cisco IPsec VPN client."
somehow that doesn't re-assure me...