[CentOS] what percent of time are there unpatched exploits against default config?
Marc Deop
damnshock at gmail.com
Thu Dec 29 15:41:46 UTC 2011
On Thursday 29 December 2011 14:59:14 Reindl Harald wrote:
> the hughe difference is: while having the same password (for the key)
> it can not be used directly for brute-force und you need the password
> and at least one time access to the key file
Explain me how having a key protected by a password avoids brute forcing if you loose the usb stick holding that key?
Technology is developing at a scary pace, have a look at this:
http://mytechencounters.wordpress.com/2011/04/03/gpu-password-cracking-crack-a-windows-password-using-a-graphic-card/
And this is with a simple card, imagine what you can do with a system with multiple paralel cards...
Just to be clear: I'm not arguing which system is better/more secure. I'm just pointing out one downside of having the key in a usb memory.
And bruteforcing against ssh servers are really difficult as some others have commented (and even more difficult if you limit failed connections...)
Regards
More information about the CentOS
mailing list