Hi all,

We are looking at integrating the SecurID product into an existing
LDAP-based username/password system.  We want to leverage our FreeRADIUS
server to keep authenticating the existing username/password to LDAP,
and authenticate the same username and tokencode from the SecurID token
to the SecurID server (via RADIUS).  Is there someone on this list who
has done this or implemented SecurID in a similar fashion?

Thanks,
--
Greg Vickers
Phone: +61 7 3138 6902
IT Security Engineer & Project Manager
Queensland University of Technology, CRICOS No. 00213J

[Forwarded]

Dear RSA SecurCare Customer,


RSA, The Security Division of EMC, previously notified customers that
third-party software products that lock files, such as anti-virus and
back-up software, can cause instabilities and data corruption.



Platforms:


     * RSA Authentication Manager 7.1 on all supported platforms
     * RSA Authentication Manager 7.0 on all supported platforms



Recommendation:


Customers requiring the use third-party anti-virus software need to
configure the exclusion list to include the directory that contains
the folder "RSA Authentication Manager/db" so that files in this
folder are not locked. Failure to do so can result in product
instabilities and data corruption. If the third-party software does
not support this capability it should not be used in conjunction with
RSA Authentication Manager. Once the folder is added to the
third-party software exclusion list, RSA Authentication Manager will
operate properly. RSA requires that only the built-in back-up included
with RSA Authentication Manager be used for all back-up operations.



Obtaining Documentation:


To obtain RSA documentation, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and click Products in the top
navigation menu. Select the specific product whose documentation you
want to obtain. Scroll down to the section for the product version
that you want and click on the set link.



Obtaining More Information:


For more information about RSA Authentication Manager, visit the RSA
web site at http://www.rsa.com/node.aspx?id=1166.



Getting Support and Service:


For customers with current maintenance contracts, contact your local
RSA Customer Support center with any additional questions regarding
this RSA SecurCare Note. For contact telephone numbers or e-mail
addresses, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com, click Help & Contact, and then
click the Contact Us - Phone tab or the Contact Us - Email tab.



General Customer Support Information:


http://www.rsa.com/node.aspx?id=1264



RSA SecurCare Online:


https://knowledge.rsasecurity.com



About RSA SecurCare Notes & Alerts Subscription


RSA SecurCare Notes & Alerts are targeted e-mail messages that RSA
sends you based on the RSA product family you currently use. If you'd
like to stop receiving RSA SecurCare Notes & Alerts, or if you'd like
to change which RSA product family Notes & Alerts you currently
receive, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view5.
Following the instructions on the page, remove the check mark next to
the RSA product family whose Notes & Alerts you no longer want to
receive. Click the Submit button to save your selection.



Sincerely,

RSA Customer Support

On Thu, Nov 27, 2008 at 8:40 PM,  <im_ciobica@...> wrote:
> Hi,
>
> I just joined this group. It is still active?

Still in service, not a lot of activity since the product changed owners.

That may in part be just a testament to the stability of the SecurID product :)

I haven't been posting because my former employer had chosen to retire
their SecurID deployment in favor of Microsoft Active Directory with
reusable passwords -- I felt so shamed by this business decision thatI
couldn't show my face here :)


> Anyone managed to install a SecureClient (like the ones from Check
> Point) to use a SecurID token with Linux? Or any other way to use the
> SecurID with Linux?

For supported platforms, you can use the official "agent" to directly
authenticate for OS services, this is usually a local PAM agent
talking the proprietary protocol to the SecuriD server.  Same goes for
Apache web servers.

For unsupported platforms, I've had mixed luck using a generic RADIUS
agent to talk to a RADIUS service runing on the SecurID server.  I
have seen issues where this leads to tokens being more likely to go
into "next tokencode" mode. Same goes for Apache web servers and
mod_auth_radius.


Kevin

Hi,

I just joined this group. It is still active?

Anyone managed to install a SecureClient (like the ones from Check
Point) to use a SecurID token with Linux? Or any other way to use the
SecurID with Linux?

Thank you.

Ionel

Has anyone set up RSA to log to Syslog?

I don't have access to the RSA Server but I am about to work with the
Admin who does.

Is it pretty straight forward?  I believe we are running it on Windows.

Thanks

John

We need to integrate the rsa SecureID solution with OpenSSH on
HP-UX 11.11 and FreeBSD 6.2

--- In securid-users@yahoogroups.com, shadab shah <shahshadab@...>
wrote:
>
> Hi,
> I am new to RSA/ACE and Radius. I have been given the task of
implementing an Radius connector to RSA Securid Server on Linux FC6.
> Please let me know any links or documents which will help me in
achieving this.
> I am a new user to this unknown territory and need some help from
experts out there.
>
> Thanks and Regards,
> Shadab

http://www.wikidsystems.com/documentation/howtos/how-to-secure-ssh-
with-wikid-two-factor-authentication

though for a competing two-factor authentication solution, the steps
for pam_radius are the same.

HTH,

nick

Hi Shadab,

FC6, eh?  Might be a little bleeding-edge from a supportability point
of view, but it might work.

Now of course if you just want to point a radius client on your FC6
box at an existing RSA RADIUS server, that's quite a bit easier.
Basically configure your PAM settings to use pam_radius.  Of course if
you call up the support number, they should have some information on
this as well.

-Rich


--- In securid-users@yahoogroups.com, shadab shah <shahshadab@...> wrote:
>
> Hi,
> I am new to RSA/ACE and Radius. I have been given the task of
implementing an Radius connector to RSA Securid Server on Linux FC6.
> Please let me know any links or documents which will help me in
achieving this.
> I am a new user to this unknown territory and need some help from
experts out there.
>
> Thanks and Regards,
> Shadab
>
>
>
________________________________________________________________________________\
____
> Looking for last minute shopping deals?
> Find them fast with Yahoo! Search.
http://tools.search.yahoo.com/newsearch/category.php?category=shopping
>

On Dec 5, 2007 8:34 AM, narayanamoorthys <narayanamoorthys@...> wrote:
> We need to assign SecurID token to users remotely (we are operating in
>  offshore and our onsite team is currently taking care of issuing SecurID)
>
>  We have access to RSA ACE application and we can assign SecurID to
>  users. But for generating PIN we need to have physical access to the
>  SecurID (for 6 digit).

Should you be generating the PIN for users?  Shouldn't they choose
their own secret?


>  Is there anyway to generate the PIN number without physical access to
>  the SecurID?

Check out the "setpin" sample application included with the "ACE
Administration Toolkit".

Kevin

We need to assign SecurID token to users remotely (we are operating in
offshore and our onsite team is currently taking care of issuing SecurID)

We have access to RSA ACE application and we can assign SecurID to
users. But for generating PIN we need to have physical access to the
SecurID (for 6 digit).

Is there anyway to generate the PIN number without physical access to
the SecurID?

-Moorthy

Hi,
I am new to RSA/ACE and Radius. I have been given the task of implementing an
Radius connector to RSA Securid Server on Linux FC6.
Please let me know any links or documents which will help me in achieving this.
I am a new user to this unknown territory and need some help from experts out
there.

Thanks and Regards,
Shadab


      
________________________________________________________________________________\
____
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. 
http://tools.search.yahoo.com/newsearch/category.php?category=shopping

Is anybody using Splunk (www.splunk.com) to post-process and report
ACE/Server events?

We are considering importing ACE events into Splunk, partly to enable
various types of reports, and also for event correlation.  Has anybody
already done this, or found a better way than writing a 'bundle' to
parse the "logcsv" native output format from ACE/Server?

Also I figure this is an easier way to expose ACE/Server events to
other administrators without giving each of them the full MS-Windows
thick client on their desktops.

Kevin

On 10/25/07, przemub <przemub@...> wrote:
> --- In securid-users@yahoogroups.com, "runqwe111" <paul@...> wrote:
> > Has anyone reverse engineered it, or have a
> > description of the algorithm sufficient to code one?
>
> some reverse engineering has been made - here is source code:
> http://seclists.org/lists/bugtraq/2000/Dec/0459.html

The code from 2000 is for the old style tokens,
does not apply to the new AES algorithm.

That the only attacks directly effective against user authentication
with SecurID have been related to the "soft" tokens is a big part of
the reason I am very reluctant to deploy the Windows or Blackberry
versions of the token, and am even suspicious of the USB-connected
SID800.

I'm glad that RSA caters to paranoids by offering a version of the
SID800 where the tokencode generator is *not* visible to the USB
interface:
      http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0246.html


> I work in a company which uses vpn network to connect to clients and i
> would like to work on a Linux desktop, so i need a RSA SecurID
> software token generator for Linux. Please tell me, how did you get
> this to work on wine? I use version 3.0.2.

Have you considered using the SID700 hardware token?   No OS dependency.

It'd be amusing to develop an open-source USB driver capable of
fetching the tokencode from the USB-visible variant of the SID800.
Anybody with time to devote to this project, and willing to
BSD-license your code, please contact me off-list.


Kevin

Hi!
I'm newbie in SecurId solution. I'm testing RSA Auth. Manager 6.1 with
2 hardware tokens that RSA send me as test package.
I Installed the software, I create one user, but the stupid question
is: How I should add my hardware token information?
In Manager, Token, Import Token, ask me for a *.DMP, *.ASC or *.XML,
but I don't have any file!
I have 2 hardware tokens to test...

Who I can put this hardware information in Manager???

Thanks in advance and sorry for the question.

From: <securcare_note@...>
Subject: RSA, The Security Division of EMC, Announces Electronic
Fulfillment for Seed Records

** Please do not reply to this email. To change or cancel your
subscription to RSA SecurCare Notes & Alerts, please log on to RSA
SecurCare Online at https://knowledge.rsasecurity.com, click "Notes &
Alerts" > "Subscription" in the left navigation menu, and follow the
instructions on the page to unsubscribe from this service.


Summary:

RSA, The Security Division of EMC, introduces Electronic Fulfillment
for Seed Records.

Effective Monday, August 13, 2007, the default method for
distributing RSA SecurID token seed records will be by secure e-mail
in XML format, for all orders shipped directly from the factory. This
is a change from the current CD media distribution. The electronic
seed record distribution via a secure e-mail and special encryption
process allows for distribution through customer's firewalls. This
form of seed distribution has been piloted successfully globally with
many customers over the past several months.

All orders for RSA SecurID token products must include an e-mail
"ship to" address specifically for the seed records. This can be a
different address than the RSA Authentication Manager
software/license e-mail address required to download the RSA
Authentication Manager product.

If you have any questions, please contact your account manager, or
RSA Customer Support in Bedford, Massachusetts or Shannon, Ireland.



Getting Support and Service:

If you are a customer with a current maintenance contract, please
contact your local RSA Customer Support Center with any additional
questions regarding this RSA SecurCare Note. To find contact phone
numbers and e-mail addresses, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and, in the left navigation menu,
click Contact & Help, and then click either Contact Us - Phone or
Contact Us - Email.



General Customer Support Information:

http://www.rsa.com/node.aspx?id=1264



RSA SecurCare Online:

https://knowledge.rsasecurity.com



About RSA SecurCare Notes & Alerts Subscription

RSA SecurCare Notes & Alerts are targeted e-mail messages RSA sends
you based on the RSA product family you currently use. If you'd like
to stop receiving RSA SecurCare Notes & Alerts, or if you'd like to
change which RSA product family Notes & Alerts you currently receive,
log on to RSA SecurCare Online at https://knowledge.rsasecurity.com
and click "Notes Subscription" in the left navigation menu. Following
the instructions on the page, remove the check mark next to the RSA
product family whose Notes & Alerts you no longer wish to receive.
Then click the "Submit" button to save your selection.

...Deprecated, "depreciated" -- sheeesh!  (-:

My fingers wandered.

I beg apologies for any confusion from the typo.

_Vin

At 04:27 PM 8/8/2007, I wrote:

>Not unaware. RSA Tech Support says that option has been depreciated,
>a long time past, because it opened other security problems.

Kevin Kadow <kkadow@...> labelled a forwarded message as:

>Useful information on PAM authentication with SecurID.
>
>>On <focus-sun@...>, Edward Reiss
>><<mailto:ed.reiss%40convdata.com>ed.reiss@...> wrote:

>><. . .>
>>Anyway, we got it to work by specifying keyboard interactive
>>in the /etc/ssh/sshd_config file. Now it works flawlessly.
>>For some reason, RSA is unaware of this fix.
>><. . .>

Hi Kev,

Not unaware. RSA Tech Support says that option has been depreciated,
a long time past, because it opened other security problems. Not a
preferred or recommended option.

A site will only need to do this if they are not running a current
version of OpenSSH.

Here's an excerpt from the changelog, 20030826, at
<http://www.zip.com.au/~dtucker/openssh/diffs/ChangeLog-3.7p1>:

   .- (djm) Bug #629: Mark ssh_config option "pamauthenticationviakbdint"
   .  as deprecated. Remove mention from README.privsep. Patch from
   .  aet AT cc.hut.fi
<snip>

RSA also has Knowledgebase articles that cover similar
configurations; for example: kb id a34982.

According to the RSA Tech Support gurus, RSA customers sometimes run
into problems around this when they're using Solaris SSH, since the
config file options have different names.

Suerte,
             _Vin

Useful information on PAM authentication with SecurID.

---------- Forwarded message ----------
From: Edward Reiss <ed.reiss@...>
Date: Aug 6, 2007 12:25 PM
Subject: RE: SSHD with Secured authentication, using RSA PAM client
To: focus-sun@...

. . .
Anyway, we got it to work by specifying keyboard interactive
in the /etc/ssh/sshd_config file. Now it works flawlessly.
For some reason, RSA is unaware of this fix.
. . .

Hi friends,

Heard about this setting for RSA AuthenticationManager 6.1?
Any suggestions on what should be the ideal value for this for say 500
users.
Any recommendations/suggestions on this would be helpful.

Thanks
Alok

FORWARDED from Full Disclosure, other mailing lists

Date: Thu, 12 Jul 2007 17:54:00 -0700
From: TSRT@...
Subject: [Full-disclosure] TPTI-07-12: Multiple Vendor Progress Server
	 Heap Overflow Vulnerability
To: full-disclosure@..., bugtraq@...,
	 vulnwatch@..., vulndiscuss@...

TPTI-07-12: Multiple Vendor Progress Server Heap Overflow Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-07-12.html
July 12, 2007

-- CVE ID:
CVE-2007-2417

-- Affected Vendor:
Progress Software

-- Affected Products:
RSA Authentication Manager
Progress Database

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability since May 22, 2007 by Digital Vaccine protection
filter ID 5326. For further product information on the TippingPoint IPS:

      http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows attackers to execute arbitrary code on
vulnerable installations of RSA Authentication Manager and other
products that include the Progress server. User interaction is not
required to exploit this vulnerability.

The specific flaw exists in the Progress Server listening by default on
TCP ports 5520 and 5530. The _mprosrv.exe process trusts a user-supplied
DWORD size and attempts to receive that amount of data into a statically
allocated heap buffer.

The user-supplied size parameter is used directly as an argument to
recv() as shown below:

_mprosrv.exe:
      0044F24F mov     eax, [esp+42Ch+buf] ; 1012 byte heap buffer
      0044F253 push    0                   ; flags
      0044F255 push    esi                 ; attacker-controlled size
      0044F256 push    eax                 ; 1012 byte heap buffer
      0044F257 push    edi                 ; s
      0044F258 call    recv

The heap buffer which is received into is 1012 bytes. Sending more than
1012 bytes will overflow into subsequent heap chunks. This heap
corruption can be leveraged by an attacker to execute arbitrary code in
the context of the SYSTEM user.

-- Vendor Response:
RSA has made hot fixes available to registered users through RSA
Customer Support. For more information, please visit the RSA website
for the appropriate product:

For RSA ACE/Server 5.2, apply the following hot fix on top of Patch 1:


https://knowledge.rsasecurity.com/dlcpages/rsa_securid/securid_dlc_as52p.asp

For RSA Authentication Manager 6.0, apply the following hot fix on top
of the Patch 2 -  (scroll down to the second half of the page)


https://knowledge.rsasecurity.com/dlcpages/rsa_securid/securid_dlc_am60p2.asp

For RSA SecurID Appliance 2.0, apply the following hot fix on top of
the Upgrade 2.0.1:


https://knowledge.rsasecurity.com/dlcpages/rsa_securid/securid_dlc_app.asp

For RSA Authentication Manager 6.1, apply the 6.1.2 patch:


https://knowledge.rsasecurity.com/dlcpages/rsa_securid/securid_dlc_am60p2.asp

RSA recommends that all customers using RSA ACE/Server 5.2, RSA
Authentication Manager 6.0 and 6.1, and RSA SecurID Appliance 2.0
install the hot fixes. RSA states "Notification was recently (June 28,
2007) sent to RSA SecurCare customers about the vulnerability and the
correct way to resolve it.

-- Disclosure Timeline:
2007.03.14 - Vulnerability reported to vendor
2007.05.22 - Digital Vaccine released to TippingPoint customers
2007.07.12 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by Aaron Portnoy, TippingPoint DVLabs.

CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
is being sent by 3Com for the sole use of the intended recipient(s) and
may contain confidential, proprietary and/or privileged information.
Any unauthorized review, use, disclosure and/or distribution by any
recipient is prohibited.  If you are not the intended recipient, please
delete and/or destroy all copies of this message regardless of form and
any included attachments and notify 3Com immediately by contacting the
sender via reply e-mail or forwarding to 3Com at postmaster@....

FORWARDED
From: <securcare_note@...>
Date: Wed, 11 Jul 2007 17:35:55 -0400

Subject: RSA, The Security Division of EMC, Introduces RSA
Authentication Agent 6.0 for PAM on SUSE Linux Enterprise Server and
IBM AIX


** Please do not reply to this email. To change or cancel your
subscription to RSA SecurCare Notes & Alerts, please log on to RSA
SecurCare Online at https://knowledge.rsasecurity.com, click “Notes &
Alerts” > “Subscription” in the left navigation menu, and follow the
instructions on the page to unsubscribe from this service.


Dear SecurCare Customer,


Summary:

The Pluggable Authentication Module (PAM) for UNIX and Linux allows
the integration of various authentication technologies such as UNIX,
Kerberos, RSA, smart cards, and DCE into system entry services such as
login, dtlogin, passwd, rlogin, telnet, ftp, and su without changing
any of these services.

By leveraging the strength of RSA SecurID® and the flexibility of PAM,
organizations can eliminate security risks associated with using
static passwords for user authentication. While enhancing security,
the RSA SecurID® solution can help organizations reduce Help Desk
costs from password-related calls and increase user productivity.


Features:

RSA Authentication Agent 6.0 for PAM can co-exist with other PAM
modules on the same machine. This release also resolves threading
issues, allowing it to be used in more scenarios than previous versions.


Platforms:

RSA Authentication Agent 6.0 for PAM supports the following platforms:

- Red Hat® Enterprise Linux AS/ES/WS 4.0 64-bit (Intel® Xeon (TM), AMD
Opteron (TM))

- Sun (TM) Solaris (TM) 10 x86 32-bit (Intel)

- Sun Solaris 10 x86 64-bit (Intel Xeon, AMD Opteron)

- Sun Solaris 10 64-bit (UltraSPARC (TM))

- HP-UX 11.00, 11i (PA-RISC 2.x)

- HP-UX 11iv2 64-bit (Itanium®)

- IBM AIX® 5L 5.3 with TL5 (SP6) 64-bit (RISC System/6000® PowerPC®)

- SUSE® Linux Enterprise Server 9 (SP3) 64-bit (Intel Xeon, AMD Opteron)

- SUSE Linux Enterprise Server 10 64-bit (Intel Xeon, AMD Opteron)


Obtaining Software:

The RSA Authentication Agent 6.0 for PAM software is available at no
cost. Use the following link to download RSA Authentication Agent 6.0
for PAM: http://www.rsa.com/node.asp?id=1177


Obtaining Documentation:

To obtain RSA Authentication Agent 6.0 for PAM documentation, log on
to RSA SecurCare Online at https://knowledge.rsasecurity.com and click
Documentation > Guides & Manuals > RSA SecurID > Authentication Agent
in the left navigation menu. In the main window, scroll down to the
section titled RSA Authentication Agent 6.0 for PAM, and select the
links to view documentation.


Getting Support and Service:

If you are a customer with a current maintenance contract, please
contact your local RSA Customer Support Center with any additional
questions regarding this RSA SecurCare Note. To find contact phone
numbers and e-mail addresses, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and, in the left navigation menu,
click Contact & Help, and then click either Contact Us - Phone or
Contact Us - Email.


General Customer Support Information:

http://www.rsa.com/node.aspx?id=1264


RSA SecurCare Online:

https://knowledge.rsasecurity.com


About RSA SecurCare Notes & Alerts Subscription:

RSA SecurCare Notes & Alerts are targeted e-mail messages RSA sends
you based on the RSA product family you currently use. If you’d like
to stop receiving RSA SecurCare Notes & Alerts, or if you’d like to
change which RSA product family’s Notes & Alerts you currently
receive, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and click Notes & Alerts and then
Subscription in the left navigation menu. Following the instructions
on the page, remove the check mark next to the RSA product family
whose Notes & Alerts you no longer wish to receive. Click the Submit
button to save your selection.


Sincerely,

RSA Customer Support

From: <securcare_note@...>
Subject: RSA, the Security Division of EMC, Releases Patch 2 for RSA
Authentication Manager 6.1 and RSA Authentication Agent 6.1 for
Microsoft Windows
Date: Thu, 28 Jun 2007 11:12:28 -0400

** Please do not reply to this email. To change or cancel your
subscription to RSA SecurCare Notes & Alerts, please log on to RSA
SecurCare Online at https://knowledge.rsasecurity.com, click "Notes &
Alerts" > "Subscription" in the left navigation menu, and follow the
instructions on the page to unsubscribe from this service.

Dear SecurCare Customer,

Summary:

Patch 2 for RSA� Authentication Manager 6.1 and RSA Authentication
Agent 6.1 for Microsoft Windows is now available for download. This
patch release addresses a number of defects for both the
Authentication Manager and the Authentication Agent since the release
of Patch 1.

The patch also significantly improves the Authentication Agent
automatic registration capabilities. For the full description of
automatic registration and its benefits, click the following link:
http://www.rsa.com/node.aspx?id=3271.

The Patch 2 for RSA� Authentication Manager 6.1 is not applicable to
RSA� SecurID Appliance. The patch for RSA� SecurID Appliance will be
released at a later date. Do not apply Patch 2 to the Authentication
Agents interacting with the Appliance until you apply the Appliance
Patch 2 when it becomes available.

With the release of Patch 2 for RSA� Authentication Manager 6.1 and
RSA Authentication Agent 6.1 for Microsoft Windows, RSA announces that
the Domain Authentication feature of RSA Authentication Agent 6.1 for
Microsoft Windows will not be supported after November 1, 2007. RSA
advises customers to remove the Domain Authentication solution (Domain
Authentication Client and Domain Authentication Host components) from
their environments and use the Local Authentication Client instead.


Downloading the Patches and Documentation:

To download Patch 2, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and, in the left navigation menu,
click Downloads > Fixes by Product > RSA SecurID. To download the RSA
Authentication Manager 6.1.2 patch, click Authentication Manager. To
download the Authentication Agent 6.1.2 for Microsoft Windows patch,
click Authentication Agent 6.x.

To download product-related documentation, log on to RSA SecurCare
Online at https://knowledge.rsasecurity.com and, in the left
navigation menu, click Documentation > Guides & Manuals > RSA SecurID.
To download documentation released with the RSA Authentication Manager
6.1.2 patch, click Authentication Manager. To download documentation
released with the RSA Authentication Agent 6.1.2 for Microsoft Windows
patch, click Authentication Agent.


Latest Patches for RSA products:

RSA strongly recommends that you install the latest patches from RSA
in a timely manner. To check RSA SecurCare Online for the latest patch
levels for all current RSA products, log on to
https://knowledge.rsasecurity.com and, in the left navigation menu,
click Downloads.

Obtaining Support and Service:

For customers with current maintenance contracts, please contact your
local RSA Customer Support center with any additional questions
regarding this RSA SecurCare Note. To find contact phone numbers and
e-mail addresses, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and, in the left navigation menu,
click Contact & Help, then click either Contact Us - Phone or Contact
Us - Email.

General Customer Support Information:

http://www.rsa.com/node.aspx?id=1264

RSA SecurCare Online:

https://knowledge.rsasecurity.com

About RSA SecurCare Notes & Alerts Subscription

RSA SecurCare Notes & Alerts are targeted e-mail messages RSA sends
you based on the RSA product family you currently use. If you'd like
to stop receiving RSA SecurCare Notes & Alerts, or if you'd like to
change the product family of Notes & Alerts you currently receive, log
on to RSA SecurCare Online at https://knowledge.rsasecurity.com and,
in the left navigation menu, click Notes & Alerts > Subscription.
Follow the instructions on the page and remove the check mark next to
the RSA product family for which you no longer want to receive Notes &
Alerts. To save your selection, click Submit.


Sincerely,

RSA Customer Support

I want to run the admexamp.c file from the RSA Security toolkit.
Do I need to download a compiler and compile the .exe myself? Is
there something built into RSA to help with this?

You are looking for the Cisco VPN Client for Mac.  You will need to download it
from Cisco
using your CCO account.  I have sucessfully used the Mac VPN client to
authenticate with
Cisco routers / VPN concentrators and PIX firewalls, so I know it can be done. 
All of these
devices used RSA ACE for authentication.

--- In securid-users@yahoogroups.com, "aamiyazaki" <aamiyazaki@...> wrote:
>
> Hello,
>
> I'm new to this group, so 'Hi Everyone'.
>
> I have a securid client in my windows and I use it to authenticate a
> Cisco VPN client.
>
> I'd like to do the same with a Apple Powerbook. The installed OS is
> MAC OS v 10.4.6 and I already have the VPN Client.
>
> My certificate for windows has a .sdtid file extension, but searching
> the WEB I've found a way of using another extension. Is there any way
> of using the same .sdtid file?
>
> I've searched in RSA's website but haven't found a client for MAC OS X
> 10.4.6 (FreeBSD).
>
> Thanks for any clue!
>
> Alberto
>

Hello,

I'm new to this group, so 'Hi Everyone'.

I have a securid client in my windows and I use it to authenticate a
Cisco VPN client.

I'd like to do the same with a Apple Powerbook. The installed OS is
MAC OS v 10.4.6 and I already have the VPN Client.

My certificate for windows has a .sdtid file extension, but searching
the WEB I've found a way of using another extension. Is there any way
of using the same .sdtid file?

I've searched in RSA's website but haven't found a client for MAC OS X
10.4.6 (FreeBSD).

Thanks for any clue!

Alberto

Subject: RSA, the Security Division of EMC, Releases Patch 1 for RSA
SecurID Appliance 2.0 Software
From:  securcare_note@...
Date:  Mon, December 18, 2006 9:13 am


** Please do not reply to this email. To change or cancel your
subscription to RSA SecurCare Notes & Alerts, please log on to RSA
SecurCare Online at https://knowledge.rsasecurity.com, click "Notes &
Alerts" > "Subscription" in the left navigation menu, and follow the
tching the Windows Operating System within the Appliance

Greatly improved process for upgrading the Appliance version of the
Authentication Manager software and the associated agent software

Refer to the Readme file included with the patch for an itemized list
of all modifications.

Recommendation:

As with any new update release, RSA strongly encourages users of the
RSA SecurID Appliance to download and apply this patch. Our standard
support and maintenance arrangements are contingent on users having
the most up-to-date version of our software products.

Getting Patches:

To get this new patch and documentation, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and click "Downloads" > "Fixes by
Product" > "RSA SecurID" > "Appliance" in the left navigation menu.
Then, select the "Get Downloads for RSA SecurID Appliance 2.0.1" download

Latest Patches:

To check RSA SecurCare Online for the latest patch levels for all
current RSA products, log on at https://knowledge.rsasecurity.com and
click "Downloads" in the left navigation menu.

Getting Support and Service:

For customers with current maintenance contracts, please contact your
local RSA Security Customer Support center with any additional
questions regarding this RSA SecurCare Note. Contact phone numbers and
email addresses can be found by logging on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and clicking "Contact & Help" >
"Contact Us - Phone" or "Contact Us - Email" in the left navigation menu.

General Customer Support Information:

http://www.rsasecurity.com/node.asp?id=1067

RSA SecurCare Online:

https://knowledge.rsasecurity.com

About RSA SecurCare Notes & Alerts Subscription:

RSA SecurCare Notes & Alerts are targeted email messages RSA Security
sends you based on the RSA Security product family you currently use.
If you'd like to stop receiving RSA SecurCare Notes & Alerts, or if
you'd like to change which RSA Security product family's Notes &
Alerts you currently receive, log on to RSA SecurCare Online at
https://knowledge.rsasecurity.com and click "Notes & Alerts" >
"Subscription" in the left navigation menu. Following the instructions
on the page, remove the check mark next to the RSA Security product
family whose Notes & Alerts you no longer wish to receive. Then click
the "Submit" button to save your selection.


Sincerely,

RSA Security Customer Support

Hello Good Morning

  I am developing a Web Application Java/J2EE and users must be
authenticate on RSA/ACE Server. But PIN only must be validate 2 pin's
position.


  Step 1. User

          UserName: us123456
          Pin:      1234
          Passcode: 452367


  I want to validate 2 pin's position.
           Example: *2*4   (second position and fourth position)


  At current, I don't know how does PIN get?, i need only validate two
positions randomly.

  Thanks

On 11/16/06, aravind008_99 <aravind008_99@...> wrote:
> Hi
>
> When we upload the seed files of the tokens on the server, is there a
> chance that the existing seed files on the server are replaced. Which
> inturn could cause tokens to get unassigned from the user's accounts.
>

Reimporting seed records does not destroy associated data
relationships already established in the ACE data base.  My experience
is with ACE 5.x and have not heard of any change in this behavior.

-Len Lynch

Hi

When we upload the seed files of the tokens on the server, is there a
chance that the existing seed files on the server are replaced. Which
inturn could cause tokens to get unassigned from the user's accounts.

Any quick response in this matter will be much appreciated.


Thanks