[836] in Intrusion Detection Systems
Re: Securing NSF
daemon@ATHENA.MIT.EDU (Alexander O. Yuriev)
Wed Jan 8 11:32:15 1997
To: ids@uow.edu.au
In-Reply-To: Your message of "Thu, 02 Jan 1997 16:53:48 PST."
<Pine.GSO.3.95.970102163840.15848G-100000@cypress.nwnet.net>
Date: Mon, 06 Jan 1997 11:57:42 -0500
From: "Alexander O. Yuriev" <alex@bach.cis.temple.edu>
Reply-To: ids@uow.edu.au
Your message dated: Thu, 02 Jan 1997 16:53:48 PST
> > try SecureNFS or Kerberos NFS
> [snip]
>
> They're both minor improvements over vanilla NFS, but be aware of their
> limitations.
>
> Secure NFS uses Secure RPC (i.e. AUTH_DES authentication), which is based
> on a 192-bit Diffie-Hellman modulus -- small enough to be cryptanalyzed.
> (I think there's even a crack program for it.)
Folks from Bell Labs did write a program to do it rather long time ago but
from what I understand it never became available to general public.
Best wishes,
Alex
