[Openswan dev] Re: [Openswan Users] Xauth Client extensions

mcr at xelerance.com mcr at xelerance.com
Wed Apr 7 11:53:46 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Ken" == Ken Bantoft <ken at xelerance.com> writes:
    Ken> It's primarily a DoS/CPU eating attack that is possible, as an
    Ken> evil client could initiate many aggressive mode connections for
    Ken> which DH would need to be done on each one.

  To be clear - you do NOT need to know the "group pre-shared key"
to cause the DoS. 

- --
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQHQV9IqHRg3pndX9AQF0WgQA7XXcVbTPVmRB8h/iPK8jube2TwTerwAK
hGbzVg3niYJj3uUaKI8E7YgQHyBK8GwVEIfdiwwTo0Z2dqgjLChhbcZjktILzVUI
3EnVPwAjkNXjs5tHXHQG52i+a3j05+TCxgNHZa7t/kX+sGYeZGJQYqRzWfQB6lj6
WuCJ6hmif34=
=ZmgL
-----END PGP SIGNATURE-----


More information about the Users mailing list