Hi there, On Thu, 8 Mar 2012, Spain, Dr. Jeffry A. wrote:
Other posts have alluded to the Debian openssl flaw reported in May 2008 (http://www.debian.org/security/2008/dsa-1571). This led to predictable random primes being used to generate RSA moduli ...
Just in case anyone thinks that this is a purely academic discussion, in May 2008 when I received the Debian security advisory I did some searching on the Internet for private keys. Several of my own hosts' key pairs had been published widely in hackers' forums within less than a day of the publication of the advisory. Here's one such pair: -rw-r--r-- 1 root root 602 Aug 23 2007 ssh_host_dsa_key.pub.broken -rw------- 1 root root 668 Aug 23 2007 ssh_host_dsa_key.broken -rw-r--r-- 1 root root 602 May 14 2008 ssh_host_dsa_key.pub -rw------- 1 root root 668 May 14 2008 ssh_host_dsa_key It was rather worrying to find that this flaw had been available for exploitation for nine months in the case of this particular host, very satisfying that a policy of 'defence in depth' dropped all connection attempts from unknown IPs, and little more than good fortune that the affected servers were never exposed to the Internet. -- 73, Ged. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
