Date: Fri, 13 Nov 1998 23:16:08 +0100 (MET) From: Rudolf Schreiner <ras@muc.de> To: freebsd-security@FreeBSD.ORG Subject: Re: Intruder Lockout Message-ID: <Pine.BSF.3.91.981113223542.14777F-100000@phobos.muc.de> In-Reply-To: <Pine.BSF.3.96.981113123242.15232B-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 13 Nov 1998, Robert Watson wrote:
> I suppose an alternative to account lockout is to have an authentication
> scheme where keyspace search is infeasible :). I'm not so impressed with
> Kerberos since the DES key cracker was announced :).
tethys% SU ./ktutil list
Version Type Principal
1 des host/tethys.technosec.com@TECHNOSEC.COM
1 des3 host/tethys.technosec.com@TECHNOSEC.COM
[...]
Heimdal supports Triple DES and works fine on FreeBSD.
It's from Sweden, so there are no problems with US export laws.
Another very interesting security mechanism is Sesame. The Sesame source
distribution is *(&^#$*&^ and it contains very weak crypto (french
laws...). I made a quick'n dirty port to FreeBSD. Basically it works,
but it still contains many memory leaks. Fixing these problems would be
no big problem, but the Sesame license is very strict. We just could use
it "for experiments"... :-(#
Rudi
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.981113223542.14777F-100000>