From owner-freebsd-security  Fri Jan 31 18:18:11 2003
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B5A4137B401
	for <freebsd-security@FreeBSD.ORG>; Fri, 31 Jan 2003 18:18:09 -0800 (PST)
Received: from greg.cex.ca (h24-207-26-100.dlt.dccnet.com [24.207.26.100])
	by mx1.FreeBSD.org (Postfix) with SMTP id DA9BE43E4A
	for <freebsd-security@FreeBSD.ORG>; Fri, 31 Jan 2003 18:18:03 -0800 (PST)
	(envelope-from gregw-freebsd-security@greg.cex.ca)
Received: (qmail 42633 invoked by uid 1001); 1 Feb 2003 02:18:15 -0000
Date: Fri, 31 Jan 2003 18:18:15 -0800
From: Greg White <gregw-freebsd-security@greg.cex.ca>
To: freebsd-security@FreeBSD.ORG
Subject: Re: SSHD suddenly takes SIX MINUTES to authenticate
Message-ID: <20030131181815.A42597@greg.cex.ca>
Mail-Followup-To: freebsd-security@FreeBSD.ORG
References: <v04210102ba60a5a98b9c@[192.168.1.27]> <3E3B1D71.21CFBD42@ursine.com> <20030201015129.GA27949@rfc822.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <20030201015129.GA27949@rfc822.net>; from pde@rfc822.net on Fri, Jan 31, 2003 at 07:51:29PM -0600
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Fri Jan 01/31/03, 2003 at 07:51:29PM -0600, Pete Ehlke wrote:
> Right. And the DNS for krb5-realm.com is, to put it politely, a mess.
> 
> ISTR seeing something about changes to krb5-realm.com on nanog a couple
> of weeks ago. You may want to check the archives.

And if you owned and operated krb5-realm.com, you wouldn't do what they
appear to have done? This massive bug in openssh must have bit these
poor guys pretty hard....

> Or, y'know. Upgrade openssh ;)

And I'm sure than when you do, the poor suckers who O&O that got
absolutely _fscked_ by this bit of silliness will thank you. :)

Were I them, I might have simply NXDOMAIN'd the whole domain, if it were
possible...Imagine the traffic!

-- 
Greg White

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message