Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Re: 28, 394 routers running a SSL VPN module with same 512-bit public RSA key
2 views
Skip to first unread message
Jack Ryan
Mar 18, 2015, 10:28:14 PM3/18/15
to
In article <747ee239520ea8b6...@remailer.privacy.at>
"Anonymous Remailer (austria)" <mixm...@remailer.privacy.at>
wrote:
>
>
> Many hosts (either servers or other Internet-connected devices)
> share the same 512-bit public key. In one egregious example, 28,394
> routers running a SSL VPN module all use the same 512-bit public
> RSA key.
>
> www.itworld.com/article/2897775/researchers-find-same-rsa-
> encryption-key-used-28000-times.html
Shit...that's funny. Talk about goombas following each other
off a cliff.
I got one for you.
When IBM rolled out the AS/400, they sold hundreds of thousands.
Eventually it became necessary for TCP/IP on all these systems
and IBM dutifully documented it in a Redbook, several in fact.
Did a great job too. The problem is this. Despite all the time
and training IBMers get, they are woefully weak - and always
have been weak on networking. They understood SNA and broken
ring technologies, but ordinary Ethernet and TCP/IP just blew
their brain cells out. Maybe it was too simple.
Anyway, many of the AS/400 administrators followed the
instructions in the Redbook exactly, and most stumbled on
*DFTROUTE and basic TCP/IP addressing. DNS? WTF is that? When
it came time to hook these systems up to the Internet - there
was a problem. The AS/400 guys and gals had followed the exact
configuration example in the Redbook, including the exact
addressing and a small mistake that escaped the proofers.
Tens of thousands of AS/400 systems and networks were configured
with the EXACT Class A public addressing that IBM had in the
Redbook.
Then to top it off, they failed to implement *DFTROUTE and had
numerous undocumented static routes going everywhere.
It was simple to fix, but you would not believe how many morons
there are running AS/400s who simply refused to believe that
they had done anything wrong.
"Anonymous Remailer (austria)" <mixm...@remailer.privacy.at>
wrote:
>
>
> Many hosts (either servers or other Internet-connected devices)
> share the same 512-bit public key. In one egregious example, 28,394
> routers running a SSL VPN module all use the same 512-bit public
> RSA key.
>
> www.itworld.com/article/2897775/researchers-find-same-rsa-
> encryption-key-used-28000-times.html
Shit...that's funny. Talk about goombas following each other
off a cliff.
I got one for you.
When IBM rolled out the AS/400, they sold hundreds of thousands.
Eventually it became necessary for TCP/IP on all these systems
and IBM dutifully documented it in a Redbook, several in fact.
Did a great job too. The problem is this. Despite all the time
and training IBMers get, they are woefully weak - and always
have been weak on networking. They understood SNA and broken
ring technologies, but ordinary Ethernet and TCP/IP just blew
their brain cells out. Maybe it was too simple.
Anyway, many of the AS/400 administrators followed the
instructions in the Redbook exactly, and most stumbled on
*DFTROUTE and basic TCP/IP addressing. DNS? WTF is that? When
it came time to hook these systems up to the Internet - there
was a problem. The AS/400 guys and gals had followed the exact
configuration example in the Redbook, including the exact
addressing and a small mistake that escaped the proofers.
Tens of thousands of AS/400 systems and networks were configured
with the EXACT Class A public addressing that IBM had in the
Redbook.
Then to top it off, they failed to implement *DFTROUTE and had
numerous undocumented static routes going everywhere.
It was simple to fix, but you would not believe how many morons
there are running AS/400s who simply refused to believe that
they had done anything wrong.
0 new messages