Incidents
Re: Weird SSH attack last night and this morning (still ongoing) May 16 2008 05:30PM
Valdis Kletnieks vt edu
On Fri, 16 May 2008 01:17:48 BST, Alex Howells said:

> > of possible keys, it would only generate one of some 2^18 keys, making the
> > brute forcing much easier (if you had a botnet of 10,000 bots, you could
> > break a weak key with an average of only 13 probes per bot, as opposed to
> > the several million year's worth of probes it should have taken).
>
> I'm somewhat curious where you get the 2**18 number, all reasonable
> analysis seems to conclude it is actually 2**15 -- although if you

I cheated and looked at the tester that got released, it had 2**18 - 4
keys it checked for (and a quick look at the 4 missing spots shows that those
would likely have been discarded as "weak" keys - stuff like all-zeros, etc).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001

iD8DBQFILcSjcC3lWbTT17ARAqNzAJ9d2B+7qUoyBU9J1k7pD8Js84ip6gCg9aRf
+JpzM78sJTh2rpINUUA/8Ck=
=+yxq
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus