Hi
Its time to check the CERT archives. There was one out earlier this
year that a poor random number generator seed value made the keys
generated for encrypted kerberized (telnet, others?) sessions easier
to crack then it should be. If I remember correctly, this only
affected Kerberos 4 implementations, and is already fixed in Kerberos 5.
Check with your O.S. provider for possible fixes
Personal Opinions provided by
Leonard Miyata
aka leonard @
geminisecure .
com
GEMINI COMPUTERS INC
On Thu, 7 Nov 1996, Todd Graham Lewis wrote:
> On Thu, 7 Nov 1996, Tony Iannotti wrote:
>
> > On Thu, 7 Nov 1996, Craig Brozefsky wrote:
> >
> > > On Wed, 6 Nov 1996, Tony Iannotti wrote:
> > >
> > > > I thought kerberos only did authentication, not session encryption?
> > >
> > > It's broken tho.
> >
> > The encryption or authentication part? How so? Pointers welcome if this is
> > a faq.
>
> I, too, am curious. We have encrypting kerberized applications all over
> the place, all from the latest distribution. Which part, indeed, is broken?
>
> __
> Todd Graham Lewis Linux! Core Engineering
> Mindspring Enterprises tlewis @
mindspring .
com (800) 719 4664, x2804
>
References:
-
Re: POP3 proxy
From: Todd Graham Lewis <lists @
reflections .
mindspring .
com>
|
|
