Firewall Wizards mailing list archives
Re: FW: CISCO PIX Vulnerability
From: "Perry E. Metzger" <perry () piermont com>
Date: Thu, 18 Jun 1998 09:12:20 -0400
Rick Smith writes:
Adam Shostack's characterization of DES based products as "stupid" is important to examine, since DES is a mandatory part of all IPSEC implementations, and is currently the strongest product that some vendors can export.
You should remember that we made DES mandatory only for interoperability reasons, and that the decision was made years ago. If we were doing it again today, I suspect that we would have made 3DES mandatory instead.
On the other hand, there are NO reports of a criminal or competitor having ever mounted a brute force cracking attack on a commercial enterprise and caused it real damage.
It is likely that you wouldn't hear about it if it happened.
Security systems WILL fail regardless of how long the key is.
This I agree with. .pm
Current thread:
- CISCO PIX Vulnerability Damir Rajnovic (Jun 03)
- Re: CISCO PIX Vulnerability lum (Jun 04)
- <Possible follow-ups>
- FW: CISCO PIX Vulnerability Hal (Jun 15)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 16)
- Re: FW: CISCO PIX Vulnerability Rick Smith (Jun 17)
- Re: FW: CISCO PIX Vulnerability Perry E. Metzger (Jun 18)
- Re: FW: CISCO PIX Vulnerability Rick Smith (Jun 18)
- Re: FW: CISCO PIX Vulnerability Perry E. Metzger (Jun 23)
- Going Public with Brute Force (was: CISCO PIX) Rick Smith (Jun 23)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 16)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 23)
- Re: FW: CISCO PIX Vulnerability Darren Reed (Jun 24)
- RE: FW: CISCO PIX Vulnerability Rick Smith (Jun 17)
- RE: FW: CISCO PIX Vulnerability Ted Doty (Jun 18)
- Re: FW: CISCO PIX Vulnerability Joseph S. D. Yao (Jun 26)