Re: An Analysis of the DHEat DoS Against SSH in Cloud Environments

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 6/26/24 7:56 AM, Joseph S. Testa II wrote:

On Wed, 2024-06-26 at 04:32 +0200, Thorsten Glaser wrote:

If they get under attack, they’d better do. And if you’re ignoring
a known bottleneck, the results will probably not be very useful…
besides, not everyone is systemd-infested.



The primary responsibility falls on system designers to choose
reasonable default settings.
I think it's really important to get this right. The problem, from my perspective, is that a large number of people are going to installing 9.8 via package updates. They're not going to look to closely at what has changed or what they might need to do differently. Sadly, this includes a lot of people that should know better. Just how it is though. If it wasn't that way we wouldn't need something to protect users against their own weak passwords. 

I think this is a good idea. I'm just concerned about unforeseen impacts.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux