2.6 kernel patches
Simon Perreault
nomis80 at nomis80.org
Mon Dec 22 02:53:24 UTC 2003
Benny Amorsen wrote:
> Please kill off CIPE for good. It is insecure. If you absolutely /must/
> include a protocol with such limitations, at least pick OpenVPN. I say
> that as a current user of CIPE who is in the process of switching.
It is also prone to a very easy DoS attack, which I reported to Red Hat
a long time ago. This has not been fixed, which means I can DoS any CIPE
server with only one packet. Alan Cox said he could not reproduce, but
we have tested this with many versions of CIPE and of Red Hat Linux and
it has not been fixed upstream either. See
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=66507 for more info.
--
Simon Perreault <nomis80 at nomis80.org>
http://nomis80.org
"If voting could really change things, it would be illegal."
--Excerpt from a Diebold Election Systems internal memo.
More information about the devel
mailing list