From owner-cvs-all Sat Jan 19 8:24:53 2002 Delivered-To: cvs-all@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 43DE737B405; Sat, 19 Jan 2002 08:24:38 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0JGO8X26651; Sat, 19 Jan 2002 16:24:09 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0JGMUt22213; Sat, 19 Jan 2002 16:22:30 GMT (envelope-from mark@grondar.za) Message-Id: <200201191622.g0JGMUt22213@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: Kris Kennaway , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_opie pam_opie.c References: <20020119143617.GB9803@nagual.pp.ru> In-Reply-To: <20020119143617.GB9803@nagual.pp.ru> ; from "Andrey A. Chernov" "Sat, 19 Jan 2002 17:36:17 +0300." Date: Sat, 19 Jan 2002 16:22:30 +0000 From: Mark Murray Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > > Nothing to it; you'd store a few bytes in /var/run or somewhere, and > > hash them with the provided username to generate the fake challenge. > > And your hash provide random numbers instead of constantly decreased as=20 > they expected be (by intruder too). Nope. The hash is based on things that don't change very often, so it will be constant for most attacks. As the intruder is not sucessfully breaking in, there MUST BE NO decrement. M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message