From owner-freebsd-security@FreeBSD.ORG  Tue Mar 15 13:23:05 2011
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 59678106566B
	for <freebsd-security@freebsd.org>;
	Tue, 15 Mar 2011 13:23:05 +0000 (UTC)
	(envelope-from rwmaillists@googlemail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
	by mx1.freebsd.org (Postfix) with ESMTP id D2ED38FC19
	for <freebsd-security@freebsd.org>;
	Tue, 15 Mar 2011 13:23:04 +0000 (UTC)
Received: by wwc33 with SMTP id 33so674018wwc.31
	for <freebsd-security@freebsd.org>;
	Tue, 15 Mar 2011 06:23:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=googlemail.com; s=gamma;
	h=domainkey-signature:date:from:to:subject:message-id:in-reply-to
	:references:x-mailer:mime-version:content-type
	:content-transfer-encoding;
	bh=Gc+1aVU7N+HWKV5RzFddw0pYClgMPtGu9mTfK2Dfx9k=;
	b=OQuG7gjcnprJz+xHzRy0XPVkwqpQZsWQ4hQ6anXXCFsZcW/i1gQXMiCIn604x0iQv4
	Qe3MRbTMw1a5nLRqNwd2Mmg3OovacitI6j5ZPcpvbOMdBiAKz7spI88W0V4twUhOqepR
	0BgzrarBv9xVKkQlwhb6APa7zFbRdkaub8Ta4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma;
	h=date:from:to:subject:message-id:in-reply-to:references:x-mailer
	:mime-version:content-type:content-transfer-encoding;
	b=RARMDDtZx/6rOAnHuKOhTEu14sCTEMZ//i3rSApifbHWwu6YgxDdz5VlFG/Aoyb6ai
	y8E5QpshRy3Rzu3U6G34p/ouI4ko4CezKqbfMSZ8pmWZkP4Z6wMLnW6za5UmknawCkMe
	KmZuizZadwXNA3uo+qZjxkH1HhrHGINjGWkZM=
Received: by 10.227.197.210 with SMTP id el18mr5165280wbb.39.1300195383753;
	Tue, 15 Mar 2011 06:23:03 -0700 (PDT)
Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk
	[87.194.105.247])
	by mx.google.com with ESMTPS id n2sm351272wej.22.2011.03.15.06.23.01
	(version=SSLv3 cipher=OTHER); Tue, 15 Mar 2011 06:23:02 -0700 (PDT)
Date: Tue, 15 Mar 2011 13:22:58 +0000
From: RW <rwmaillists@googlemail.com>
To: freebsd-security@freebsd.org
Message-ID: <20110315132258.01b8e976@gumby.homeunix.com>
In-Reply-To: <86ipvky8md.fsf@ds4.des.no>
References: <1299682310.17149.24.camel@w500.local>
	<alpine.BSF.2.00.1103100147350.1891@qvfongpu.qngnvk.ybpny>
	<1299769253.20266.23.camel@w500.local>
	<2E5C0CE8-4F70-4A4D-A91D-3274FD394C80@elvandar.org>
	<1299784361.18199.4.camel@w500.local>
	<20110310202653.GG9421@shame.svkt.org>
	<1299798547.20831.59.camel@w500.local>
	<20110313204054.GA5392@server.vk2pj.dyndns.org>
	<1300050377.5900.12.camel@w500.local>
	<20110313220552.5b79de13@gumby.homeunix.com>
	<86ipvky8md.fsf@ds4.des.no>
X-Mailer: Claws Mail 3.7.8 (GTK+ 2.22.1; i386-portbld-freebsd8.1)
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Subject: Re: It's not possible to allow non-OPIE logins only from trusted
 networks
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2011 13:23:05 -0000

On Tue, 15 Mar 2011 11:35:06 +0100
Dag-Erling Sm=F8rgrav <des@des.no> wrote:

> RW <rwmaillists@googlemail.com> writes:
> > IIRC there is/was a weakness in FreeBSD's OPIE implementation in
> > that it's susceptible to rainbow table attacks - I think part of
> > the hash is discarded.
>=20
> Can you provide more details?

http://lists.freebsd.org/pipermail/freebsd-security/2009-February/005114.ht=
ml