My SecureCRT supports 3DES with ssh1 & ssh2, SecureCRT version 3.1 (32-bit)
----- Original Message -----
From: "Larry Paul" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "firewalls_list" <[EMAIL PROTECTED]>
Sent: Wednesday, November 29, 2000 3:18 PM
Subject: RE: Poly who?
> Is it true that as the key expands bit-wise, the factoring time increases
at
> a non-linear rate?
> If SecureCRT doesn't support 3DES, what do they (or you) recommend? It
> seems to me (I have a lot of seams) that where we are headed with all this
> is Artificial Intelligence. And that would solve a lot of the
> mis-configuration problems & forgetfullness that security admins seem to
> exhibit at times. Since it seems nearly impossible to base security
> strictly on rule dominated firewall technolgy.....even with stateful
> inspection....even with IDS systems. Some bizarre combination of FW's,
IDS,
> & security policy implementation run by an AI system all out of one box,
> with tentacles everywhere. Sorry, I might have gotten a little carried
away
> there, but you get the idea. AI would provide instant response with a
> stateful AND thoughtful inspection.
> I know, I know, us amateurs don't have any idea what's involved. :)
> Remember the universe produces idiots faster than programmers can idiot
> proof software. What are your thoughts on this?
> Larry Paul
>
> "Artificial Intelligence: the art of making computers that behave like
the
> ones in movies."
> -Bill Bulko
> *-----Original Message-----
> *From: Martin [mailto:[EMAIL PROTECTED]]
> *Sent: Wednesday, November 29, 2000 12:37 PM
> *To: Larry Paul
> *Cc: Ben Nagy; firewalls_list
> *Subject: Re: Poly who?
> *
> *
> *Larry Paul wrote:
> *
> *> A mono... a mona....a poly... never mind
> *> I have heard that you can purchase commercially 4 kilobit encryption &
> *> thought to myself that that sounded like overkill. On the other
> *hand Bill
> *> Gates himself said that "Nobody will ever need more than 640k of ram."
> *> Wouldn't 4 kb take a gazillion years to decrypt?
> *
> *As usual, this is a misnomer. At our current level of technology (as far
> *as you know) it would take a gazillion years to brute force decrypt it.
> *However, since encryption is typically based on large primes and
> *factoring them together, if someone comes up with a new way of doing
> *that, or as Moore's law marches on, it gets easier. Of course, storage
> *isn't keeping up with Moore, so that does tend to slow things down a
> *bit, but then, that's what caching is for.
> *
> *Keep in mind that ssh used to support a 56 bit single-DES encryption
> *scheme, which has actually been dropped (in favor of 3DES) from most ssh
> *implementations (including the "official" ssh, and OpenSSH/OpenSSL, but
> *not Cisco boxen and SecureCRT, which is what I use to admin my PIX) but
> *they decided that that was too weak and vulnerable (If you have some
> *nice hardware you can defeat it fairly rapidly) and actually stopped
> *supporting it. While I disagree with actions like this (IE, protecting
> *me from myself) it does underline the point that as time goes by, the
> *need for stronger and stronger encryption to keep up with advances in
> *technology becomes clear.
> *
> *
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
