Re: tcpdump - live packet capture not supported

2002-12-19 Thread Thomas Bushnell, BSG
[EMAIL PROTECTED] writes: > > tcpdump needs live packet capture, and whatever that is, we don't have it. > > Yes, Marcus, I realized it from the error message. > But my question is: > > - > tcpdump: live packet capture not supported on this system > what does this term "live packet capture" me

Re: tcpdump - live packet capture not supported

2002-12-19 Thread Guillem Jover
On Fri, Dec 20, 2002 at 06:00:02AM +0700, [EMAIL PROTECTED] wrote: > > tcpdump needs live packet capture, and whatever that is, we don't have it. > > Yes, Marcus, I realized it from the error message. > But my question is: > > - > tcpdump: live packet capture not supported on this system > what

Re: tcpdump - live packet capture not supported

2002-12-19 Thread budi
> tcpdump needs live packet capture, and whatever that is, we don't have it. Yes, Marcus, I realized it from the error message. But my question is: - > tcpdump: live packet capture not supported on this system what does this term "live packet capture" mean? (any reference / pointer to a web s

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
If my number theory was stronger, and I was more familiar with the related code, I would be rather tempted, but my programming background leans far more to compilers and API definitions, translations and interfaces, as well as user interfaces. You don't usually want your compilers in

Re: ssh, /dev/urandom

2002-12-19 Thread Mark L. Kahnt
On Thu, 2002-12-19 at 17:33, Alfred M. Szmidt wrote: >I'd suggest that this matter might better be addressed off-list, or >else identified as something that the two of you are not going to >reach a common vision through the mechanism of the mailing list. > > We came to a conclusion tha

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
I'd suggest that this matter might better be addressed off-list, or else identified as something that the two of you are not going to reach a common vision through the mechanism of the mailing list. We came to a conclusion that I think everyone agrees with, and there is nothing off-topic

Re: ssh, /dev/urandom

2002-12-19 Thread Mark L. Kahnt
On Thu, 2002-12-19 at 14:52, Thomas Bushnell, BSG wrote: > "Alfred M. Szmidt" <[EMAIL PROTECTED]> writes: > > >> Why do I feel like repeating this old mantra: Bad security is worse > >> than no security. > > > >Sez you. Many disagree. Especially for a system in development, with > >

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
[EMAIL PROTECTED] (Neal H. Walfield) writes: > > If our only alternatives are > > > > 1) no ssh > > 2) ssh with no security > > Wrong, which just proves that you have not read this thread: we are > arguing about entropy; ssh is only a side argument. *IF*. Can you read the word *IF*? The propo

Re: ssh, /dev/urandom

2002-12-19 Thread Jeff Bailey
On Thu, Dec 19, 2002 at 04:10:25PM -0500, Neal H. Walfield wrote: > There is a fourth alternative: leave everything the way it is. If you > need some quality entropy copy it from e.g. a GNU/Linux system. This is what the buildd machine does, btw. Tks, Jeff Bailey

Re: ssh, /dev/urandom

2002-12-19 Thread Neal H. Walfield
>1) no ssh >2) ssh with no security > >you have advocated (2), right? It is that statement which I am >arguing against. > > No, I have advocated against including an unsecure random translator. > You are forgetting the third alternative, making ssh use its own > random pool. Assu

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
Then we are at an agreement I think. I took a quick look at Open SSH and its flags for gathering random entropy. From the looks the --with-rand-helper is the flag to use, but I think that the configure script should pick up the fact that we do not have /dev/random. I will take a closer look at t

Re: ssh, /dev/urandom

2002-12-19 Thread Neal H. Walfield
> If our only alternatives are > > 1) no ssh > 2) ssh with no security Wrong, which just proves that you have not read this thread: we are arguing about entropy; ssh is only a side argument.

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes: >If our only alternatives are > >1) no ssh >2) ssh with no security > >you have advocated (2), right? It is that statement which I am >arguing against. > > No, I have advocated against including a unsecure random translator. >

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
If our only alternatives are 1) no ssh 2) ssh with no security you have advocated (2), right? It is that statement which I am arguing against. No, I have advocated against including an unsecure random translator. You are forgetting the third alternative, making ssh use its own ra

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes: > Please, could you bother reading my mails even for a small amount of > time? I have _not_, I repeat, _not_ suggested the removal of Open SSH! If our only alternatives are 1) no ssh 2) ssh with no security you have advocated (2), right? It is tha

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes: >>Telnet has worse security than even a buggy miserably fake ssh. >> >> Telnet has _no_ security. It doesn't have fake security, which you >> get by using crappy random bits and Open SSH. That is a huge >> difference. Open

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
Please, could you bother reading my mails even for a small amount of time? I have _not_, I repeat, _not_ suggested the removal of Open SSH!

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
>Telnet has worse security than even a buggy miserably fake ssh. > > Telnet has _no_ security. It doesn't have fake security, which you > get by using crappy random bits and Open SSH. That is a huge > difference. Open SSH was designed for security, telnet was _not_. What?

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes: >> I think that we can all accept that there are currently a variety of >> security holes in the Hurd. The type of security holes which would be >> introduced by using bad random data, however, is far worse as it has >> the potential

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes: >Telnet has worse security than even a buggy miserably fake ssh. > > Telnet has _no_ security. It doesn't have fake security, which you > get by using crappy random bits and Open SSH. That is a huge > difference. Open SSH was designed for secu

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
> I think that we can all accept that there are currently a variety of > security holes in the Hurd. The type of security holes which would be > introduced by using bad random data, however, is far worse as it has > the potential to allow an attacker to obtain access to systems that

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
Telnet has worse security than even a buggy miserably fake ssh. Telnet has _no_ security. It doesn't have fake security, which you get by using crappy random bits and Open SSH. That is a huge difference. Open SSH was designed for security, telnet was _not_.

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
[EMAIL PROTECTED] (Neal H. Walfield) writes: > > > Why do I feel like repeating this old mantra: Bad security is worse > > > than no security. > > > > Sez you. Many disagree. Especially for a system in development, with > > already has bad security. > > I think that we can all accept that ther

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
[EMAIL PROTECTED] (Niels Möller) writes: > The argument is really simple. Programs that use /dev/urandom > generally expect to get numbers that are not only uniform, but numbers > which are actually *useful* for *cryptographic* purposes. Creating a > /dev/urandom that does something different is b

Re: ssh, /dev/urandom

2002-12-19 Thread Thomas Bushnell, BSG
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes: >> Why do I feel like repeating this old mantra: Bad security is worse >> than no security. > >Sez you. Many disagree. Especially for a system in development, with >already has bad security. > > Fine, would you like to work on this

Re: [Newbie] Hurd and Laptop

2002-12-19 Thread Gaël Le Mignot
guilhem wrote: > Hi, hi > I'm new to Hurd and I'm looking to install it on a laptop. My > main problem is that my CD-Rom and ethernet card are on PCMCIA > ports. To use PCMCIA, you have to use GNU Mach 2.0 (aka OSKit Mach), there is no PCMCIA support in GNU Mach 1.x. The actual way to

[Newbie] Hurd and Laptop

2002-12-19 Thread guilhem.bonnefille
Hi, I'm new to Hurd and I'm looking to install it on a laptop. My main problem is that my CD-Rom and ethernet card are on PCMCIA ports. Is Hurd (version J2) ready for this stuff? If not, is there anybody working on such support (perhaps I could help)?

Help me

2002-12-19 Thread Kim chulmin
You're not going to believe what's happening to me now. Someone is doing an experiment on me. I mean an experiment on a living creature. It's kind of hard to explain this situation. Base: liquid thing interacting with human body in itself. 1. they raise some Koreans (about 20) and put liquid thi

ftpfs broken ?

2002-12-19 Thread grant
Hi I am running a cvs hurd and it seems that ftpfs is broken. Actually I don't know if it's ftpfs, could be something. What happens is I try "settrans -a /gnu /hurd/ftpfs / ftp.debian.org" and I get translator died immediately. When I try without the -a option I get no translator death until I c

Re: ssh, /dev/urandom

2002-12-19 Thread PUYDT Julien
On Thu 19/12/2002 at 15:44, Emile van Bergen wrote: > Hi, > > On Thu, Dec 19, 2002 at 03:26:13PM +0100, PUYDT Julien wrote: > > > On Thu 19/12/2002 at 15:18, Daniel Burrows wrote: > > > On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien <[EMAIL > > > PROTECTED]> was heard to say: > > > >

Re: ssh, /dev/urandom

2002-12-19 Thread Gaël Le Mignot
Niels wrote: > The argument is really simple. Programs that use /dev/urandom > generally expect to get numbers that are not only uniform, but numbers > which are actually *useful* for *cryptographic* purposes. Creating a > /dev/urandom that does something different is breaking that inform

Re: ssh, /dev/urandom

2002-12-19 Thread Emile van Bergen
Hi, On Thu, Dec 19, 2002 at 03:26:13PM +0100, PUYDT Julien wrote: > On Thu 19/12/2002 at 15:18, Daniel Burrows wrote: > > On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien <[EMAIL PROTECTED]> > > was heard to say: > > > On Wed 18/12/2002 at 18:45, Niels Möller wrote: > > > > use some ot

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
One-time pads are definitely secure against any mathematical attack. (if you assume that the bits of the key are perfectly random) Basically, given an encrypted message, every key/plaintext combination is equally likely. And try to find out which one is the right message! Fun for th

Re: ssh, /dev/urandom

2002-12-19 Thread PUYDT Julien
On Thu 19/12/2002 at 15:18, Daniel Burrows wrote: > On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien <[EMAIL PROTECTED]> > was heard to say: > > On Wed 18/12/2002 at 18:45, Niels Möller wrote: > > > use some other construction that is secure even if the enemy has infinite > > > computati

Re: ssh, /dev/urandom

2002-12-19 Thread Daniel Burrows
On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien <[EMAIL PROTECTED]> was heard to say: > On Wed 18/12/2002 at 18:45, Niels Möller wrote: > > use some other construction that is secure even if the enemy has infinite > > computational power > > I'm pretty sure it isn't possible: One-time

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
There is still quantum cryptography. It's provably secure because if you sniff the message is destroyed. OTP is also there.

Re: sendmail compiles clean (was: Re: creating debian packages)

2002-12-19 Thread Alfred M. Szmidt
Find, ls, rm, etc, they all need to be extended to support translators and to not cross translated nodes when going recursive etc. This work has hardly been started yet (hi Alfred :) Yes yes, it is on my todo list, somewhere there at least.

Re: ssh, /dev/urandom

2002-12-19 Thread Niels Möller
Budi Rahardjo <[EMAIL PROTECTED]> writes: > On Wed, Dec 18, 2002 at 12:54:17AM +0100, Gaël Le Mignot wrote: > > No, we should use a random translator, which, at least, provides uniform > > numbers, and different numbers on successive reads. > > I have not heard argument(s) against this. The argum

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
which one would you prefer? telnet or ssh (with weak encryption) What I prefer has nothing to do with this discussion. ssh is meant for security, telnet is not.

Re: mailing list admin-stuff (was: Re: ssh, /dev/urandom)

2002-12-19 Thread Alfred M. Szmidt
I believe you can remove duplicate mails based on the message ID.

Re: ssh, /dev/urandom

2002-12-19 Thread Alfred M. Szmidt
I have not heard argument(s) against this. Then please read the mailing list archives, Marcus already gave reasons. And it is not Gaël's random translator, it was written by Marcus.

Re: ssh, /dev/urandom

2002-12-19 Thread PUYDT Julien
On Thu 19/12/2002 at 10:56, Marcus Brinkmann wrote: > There is still quantum cryptography. It's provably secure because if you > sniff the message is destroyed. > > However, it's not really something you can use today, although I think they > already managed to bridge a couple of meters over th

Re: ssh, /dev/urandom

2002-12-19 Thread Marcus Brinkmann
On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien wrote: > On Wed 18/12/2002 at 18:45, Niels Möller wrote: > > use some other construction that is secure even if the enemy has infinite > > computational power > > I'm pretty sure it isn't possible: > 1) you always want someone to read your m

Re: tcpdump - live packet capture not supported

2002-12-19 Thread Marcus Brinkmann
On Thu, Dec 19, 2002 at 08:30:40AM +0700, Budi Rahardjo wrote: > > hurd:~/src/tcpdump-3.7.1# ./tcpdump -i eth0 > tcpdump: live packet capture not supported on this system > > any pointers? explanation? tcpdump needs live packet capture, and whatever that is, we don't have it. Marcus -- `Rhuba

Re: sendmail compiles clean (was: Re: creating debian packages)

2002-12-19 Thread Marcus Brinkmann
On Thu, Dec 19, 2002 at 07:41:04AM +0700, Budi Rahardjo wrote: > On Wed, Dec 18, 2002 at 10:45:14PM +0100, Marcus Brinkmann wrote: > > Debian never was ported to a system that embeds > > such information directly into the filesystem, so it is no wonder that it > > doesn't support that right now, bu

Re: ssh, /dev/urandom

2002-12-19 Thread PUYDT Julien
On Wed 18/12/2002 at 18:45, Niels Möller wrote: > use some other construction that is secure even if the enemy has infinite > computational power I'm pretty sure it isn't possible: 1) you always want someone to read your message; hence no cryptalgo can be infinitely secure, there must be some ke