Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: ascii <ascii@...>
Subject: Re: SSH probes
Date: Sun, 06 Nov 2005 00:19:02 +0100
Brian Micek wrote:
> Please lets forget about this thread because its going nowhere and once 
> again, I apologize about all this spam.

yeah, i love BOFH : ) but the argue about cpu and bandwith waste is real

don't care who say you can't send random data on request, we are free to
reply what we want on a request (also some ascii p*rn is a good idea)

if you are using tcpd consider to do something like catting some random
data to a file and then stream the file (no disk i/o since linux has
caching, low cpu usage)

remember also you are sending some of your precious *true* random data
to the bad guy (i'm not able to exploit or predict the next random bit
but i heard somebody on the globe is able to.. so be paranoid :P )

also the client will break the tcp stream on X null chars or something
like that so use a file and close the connection at some poit is good
to prevent bandwith waste (don't let the client decide)

an other thing to consider is ip spoofing, but who cares : )

just my 901 bytes opinion..
-- 
gentoo-security@g.o mailing list


Replies:
Re: SSH probes
-- Jon Gustafson
References:
SSH probes
-- Brian Micek
Re: SSH probes
-- William Yang
Re: SSH probes
-- Brian Micek
Re: SSH probes
-- Alec Warner
Re: SSH probes
-- Brian Micek
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: SSH probes
Next by thread:
Re: SSH probes
Previous by date:
Re: SSH probes
Next by date:
Re: SSH probes


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.