Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: WELCOME to secureshell@securityfocus.com

from [Eric Puryear] Network Security [Permanent Link]
Subject: Re: WELCOME to secureshell@securityfocus.com
Date: Fri, 19 Aug 2005 15:05:29 -0500 
Greetings everyone.  I have a question about ssh rekeying that Ihaven't been 
able to find much discussion about:  Are there anysecurity disadvantages or 
risks with extremely frequent rekeying?
I know there is a risk of collisions if you don't rekey frequentlyenough, but 
is rekeying every 1 minute or even more frequently bad? My guess would be that 
is is not bad, but I wonder if having that manysession keys generated would 
increase the risk of a collision in thesame way that having too many packets 
sent between rekeying does.  Ifthis risk of collisions was true, does that mean 
that changingpublic/private key pairs would reduce this risk, or would one have 
tochange the server's keys as well?
One note:  I am not concerned with the computational or networkoverhead of very 
frequent rekeying – just the security implications.
Thanks :)Eric
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: WELCOME to secureshell@securityfocus.com, Eric Puryear <=
Previous by Date:  RE: anti-phishing implementation, Lyal Collins
Next by Date:  Redhat WS 4, AIX 5.2.0.4, X11 apps problem, Travis Johnson
Previous by Thread:  anti-phishing implementation, Bjorn Borg
Next by Thread:  Redhat WS 4, AIX 5.2.0.4, X11 apps problem, Travis Johnson
Indexes:  [Date] [Thread] [Top] [All Lists]