Bugtraq mailing list archives
Re: VNC authentication weakness
From: Jose Nazario <jose () monkey org>
Date: Fri, 26 Jul 2002 11:38:46 -0400 (EDT)
On Thu, 25 Jul 2002, Mitch Adair wrote:
Actually it appears that /dev/urandom does deplete the randomness pool in Linux at least (and you sortof concede this later in your post I think.) I will quote a comment from /usr/src/linux-2.4.19rc1/drivers/char/random.c
maybe i'm missing something, but why not pull a PRNG seed from
/dev/random?
___________________________
jose nazario, ph.d. jose () monkey org
http://www.monkey.org/~jose/
Current thread:
- VNC authentication weakness jepler (Jul 24)
- Re: VNC authentication weakness David Frascone (Jul 24)
- Re: VNC authentication weakness Iván Arce (Jul 24)
- Re: VNC authentication weakness Jack Lloyd (Jul 25)
- Re: VNC authentication weakness Constantin Kaplinsky (Jul 26)
- Re: VNC authentication weakness Andreas Beck (Jul 25)
- Re: VNC authentication weakness David Wagner (Jul 25)
- Re: VNC authentication weakness Mitch Adair (Jul 26)
- Re: VNC authentication weakness Jose Nazario (Jul 26)
- Re: VNC authentication weakness Ariel Waissbein (Jul 27)
- Re: VNC authentication weakness David Wagner (Jul 25)
- Re: VNC authentication weakness David Frascone (Jul 24)
- <Possible follow-ups>
- RE: VNC authentication weakness Andrew van der Stock (Jul 26)
- Re: VNC authentication weakness Kragen Sitaker (Jul 28)
- Re: VNC authentication weakness Theo de Raadt (Jul 29)
- Re: VNC authentication weakness Nate Lawson (Jul 29)
- Re: VNC authentication weakness Mike Porter (Jul 30)
- Re: VNC authentication weakness Theo de Raadt (Jul 29)
- Re: VNC authentication weakness David Wagner (Jul 29)
- Re: VNC authentication weakness David Malone (Jul 30)