[1873] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Services not required?

daemon@ATHENA.MIT.EDU (Paul D. Robertson)
Mon Jun 15 03:13:00 1998

Date: Wed, 10 Jun 1998 19:23:21 -0400 (EDT)
From: "Paul D. Robertson" <proberts@clark.net>
To: "Michael H. Warfield" <mhw@wittsend.com>
Cc: linux-security@redhat.com
In-Reply-To: <199806091335.JAA05134@alcove.wittsend.com>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com

On Tue, 9 Jun 1998, Michael H. Warfield wrote:

> > Agreed, unless you happen to field a lot of Wintel boxes and no-one wants
> > to spring for F-Secure.
> 
> 	There are freeware ssh clients for Windows 95/NT and now freeware
> ssh servers (including a shell) for Windows NT (I don't think the server
> runs on 95 - fortunately...).

Unfortunately, this doesn't address the patent licensing issues for RSA, and 
getting the license for running the code to connect, say to a box at 
work, generally costs more than the cost of the commercial clients.  

If however, any of the Freeware clients do only DH/IDEA/3DES, I'd like to hear 
from someone with a URL, because as long as RSA wants such idiotic fees for 
the algorithms, I'll stay right the heck away from it, and I even bought 
RSAREF.

> will try and contact your ident server and have to time out.  That introduces
> rediculous delays in mail delivery.

SMTP isn't exactly a real-time protocol, and SMTP servers aren't required 
to answer to IDENT queries, if you run IDENT requests, then you should be 
able to live with the extra socket lifetime on your server, just as I 
should if I don't wish to respond with an RST and I send you mail.  Two 
days could be considered a ridiculous delay in SMTP, a few seconds 
to a few minutes shouldn't be.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts@clark.net      which may have no basis whatsoever in fact."
                                                                     PSB#9280

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post