From owner-freebsd-questions Wed Oct 21 08:48:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA02624 for freebsd-questions-outgoing; Wed, 21 Oct 1998 08:48:00 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from tellab5.tellabs.com (tellab5.tellabs.com [138.111.243.28]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id IAA02616 for ; Wed, 21 Oct 1998 08:47:56 -0700 (PDT) (envelope-from mikebo@tellabs.com) Received: from tellabs.com by tellab5.tellabs.com with smtp (Smail3.1.29.1 #4) id m0zW0Tr-003BMfC; Wed, 21 Oct 98 10:47 CDT Received: (from mikebo@localhost) by tellabs.com (8.8.8/8.8.8) id KAA02334; Wed, 21 Oct 1998 10:47:17 -0500 (CDT) (envelope-from mikebo) From: Mike Borowiec Message-Id: <199810211547.KAA02334@tellabs.com> Subject: Netscape 4.5 strong encryption trick doesn't work? To: questions@FreeBSD.ORG Date: Wed, 21 Oct 1998 10:47:16 -0500 (CDT) Cc: mikebo@tellabs.com (Mike Borowiec) X-Mailer: ELM [version 2.4ME+ PL40 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Greetings - On Wed, 14 Oct 1998, Andre Albsmeier wrote: > Pipe any exportable netscape 4.0x through the following program and > you get strong encryption. That's what I do always with the 40-bit > versions for HP-UX, FreeBSD, IRIX, SunOS and even Winblows. It keeps > me from having to wait until fortify comes out... > > - ---------------------- snip -------------------------- > > #!/usr/local/bin/perl -0pi > s/BITS:.*/$_=$&;y,a-z, ,;s, {4}$,true,gm;s, 512,2048,;$_/es > > - ---------------------- snap -------------------------- > > -Andre Well, this script doesn't seem to work for Netscape 4.5 for FreeBSD. I piped it through the script, and when run, it still displays that it is using International (read weak) encryption. I looking at the strings in the binary, it appears that the banner message is dynamically built: # strings netscape | grep supports This version supports %s security with %s. So if the script had worked, wouldn't it change the banner to show it was using Domestic (read strong) encryption? Has Netscape purposely thwarted the Perl filter? Anyone have an answer? Regards, - Mike -- -------------------------------------------------------------------------- Michael Borowiec -- mikebo@tellabs.com -- Tellabs Operations, Inc. Systems Analyst, Corporate Software Tools 4951 Indiana Ave., MS 63 630-512-8019 FAX: 630-512-7099 Lisle, IL 60532 USA -------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message