Date: Mon, 12 Feb 2001 12:50:59 +0100 From: Andrea Campi <andrea@webcom.it> To: Kris Kennaway <kris@obsecurity.org> Cc: Kris Kennaway <kris@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/crypto/openssh rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c Message-ID: <20010212125057.C631@webcom.it> In-Reply-To: <20010212030412.A29837@mollari.cthul.hu>; from kris@obsecurity.org on Mon, Feb 12, 2001 at 03:04:12AM -0800 References: <200102120644.f1C6iqj18540@freefall.freebsd.org> <20010212114505.B631@webcom.it> <20010212030412.A29837@mollari.cthul.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
> >
> > What happens if an attacker is able to trigger regeneration tens or hundreds of
> > times per second? I think there is opportunity for a DOS if this isn't done
> > properly!
>
> Connections are rate-limited - we tested this and found it not to be an issue.
Perfect, I just wanted to make sure this was verified.
Thanks a lot, this update was much needed. Thanks for keeping FreeBSD secure ;-)
Bye,
Andrea
--
Secret hacker rule #11: hackers read manuals.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010212125057.C631>