[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Continuous brute force attempt from own server !!! (OT question)



On Sat, 27 Jul 2013, Paul E Condon wrote:
> I intended the question to be answered in the context of the post by
> Henrique de Moraes Holschuh, where 'across security domains' is
> considered less desirable than 'across hosts'. I know what hosts are
> when writing computer stuff, but, come to think about it what does it
> mean to rotate keys? Is the idea that a particular key string is to be

Switching to a new one and disposing of the older one is, for whatever
reason, usually called "rotating the keys".

> reused on some host after it has been removed from service on some
> other host? I had thought that it was best to never use a retired key
> string again - but security is tricky - maybe there might be some

You're correct.  It is best to dispose of old keys, and never reuse them.

> point in using old strings as the keys on some (unmentioned) honey pot
> servers.

You could do that, but there might be risks associated with that (or not).

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh


Reply to: