New User, Welcome!     Login

Diffie Hellman

Cisco Security Advisory: Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability

in the following example:

    Router#show ip ssh 
    SSH Enabled - version 1.99
    Authentication timeout: 120 secs; Authentication retries: 3
    Minimum expected Diffie Hellman key size : 1024 bits

To determine if the IKE encrypted nonces feature is enabled, use the 
"show running-config | include rsa-encr" command as follows:

    Router#show running-config | inc rsa-encr

Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability

    Global IKE policy
    Default protection suite
            encryption algorithm:   DES - Data Encryption Standard (56 bit keys).
            hash algorithm:         Secure Hash Standard
            authentication method:  Rivest-Shamir-Adleman Signature
            Diffie-Hellman group:   #1 (768 bit)
            lifetime:               86400 seconds, no volume limit

To determine the Cisco IOS Software release that is running on a
Cisco product, administrators can log in to the device and issue the 
"show version" command to display the system banner. The system banner


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!