Larry Paul wrote:
> Is it true that as the key expands bit-wise, the factoring time increases at
> a non-linear rate?
> If SecureCRT doesn't support 3DES, what do they (or you) recommend?
If it didn't, I would reccommend IDEA or Blowfish. It does, however.
SecureCRT does the DES, 3DES, RC4, and Blowfish ciphers for SSH1, and
3DES, RC4 and Twofish for SSH2.
> It
> seems to me (I have a lot of seams) that where we are headed with all this
> is Artificial Intelligence. And that would solve a lot of the
> mis-configuration problems & forgetfullness that security admins seem to
> exhibit at times.
Except that we have no idea if and when we will actually develop such a
thing.
> Since it seems nearly impossible to base security
> strictly on rule dominated firewall technolgy.....even with stateful
> inspection....even with IDS systems.
Nearly, perhaps, but not completely. I think the best way to handle
security would be with a combination of traditional stateful firewall
and some sort of firewall solution on the nodes themselves, with a
central control system, and public-key (or OTP) crypto between the
controlling system and then nodes. Of course, such a system would be an
insanely ambitious venture.
> Some bizarre combination of FW's, IDS,
> & security policy implementation run by an AI system all out of one box,
> with tentacles everywhere.
Right.
> Sorry, I might have gotten a little carried away
> there, but you get the idea. AI would provide instant response with a
> stateful AND thoughtful inspection.
> I know, I know, us amateurs don't have any idea what's involved. :)
Well, first you must realize that convential programming wisdom
indicates that not only does AI not exist, but it is not possible. This
of course does not stop people from trying, nor should it. Lots of
things we thought were impossible ended up being pretty basic, really,
like flight.
> Remember the universe produces idiots faster than programmers can idiot
> proof software. What are your thoughts on this?
Anytime you build something that is idiotproof, nature will build a
better idiot.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]