[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-ha-dev
Subject: Re: [Linux-ha-dev] Heartbeat and replay attacks
From: Jerome Etienne <jetienne () arobas ! net>
Date: 2000-06-05 15:08:32
[Download RAW message or body]
On Mon, Jun 05, 2000 at 07:55:09AM -0600, Alan Robertson wrote:
> Challenge/response systems need unique challenges to be proof against
> replay attacks. This is an attempt to make the challenge unique. By
> the way, I meant "return value from time(2)", which is really the local
> version of the current time in UTC.
note that time(2) is vulnerable to time change and generaly not used
assuming the random number is enough if cleverly choosen. e.g rfc2522.3.3
> Since I haven't written it, improvement suggestions are more than
> welcome.
i find your previous description too vague to be commented
_______________________________________________________
Linux-HA-Dev: Linux-HA-Dev@lists.tummy.com
http://lists.tummy.com/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic