Thanks

Stuart Stock (stuart@gundaker.com)
Wed, 9 Apr 1997 17:02:35 -0500 (CDT)


Thank you to everybody who responded for my request for help. Using
udprelay on our firewall is working great. 26 P-166's running BSDI and
Linux, a P-133 running Win95, 2 P-100's running NT, and 5 P-90's running
Linux and BSDI are now searching keyspace.

For those who might do this sort of thing:

1. If your firewall is running Linux, FreeBSD, BSDI, NetBSD, or anything
that lacks the SYSV poll() call grab the BSD compatible version of
udprelay by Brian Clapper from
ftp://ftp.telebase.com/pub/security/udprelay-0.2.bsdi.tar.gz
2. Edit the makefile to reflect your local config and compile.
3. Create a udprelay.conf with the following parameters:

relay *.your.domain * 8669 keymaster.verser.frii.com 8669 any

4. Start udprelay on the firewall, and start your clients like this:
% deschall-xxxx-x your.firewall

Now sit back and watch the keyspace crumble.

As a side note, the HP9000 client doesn't appear to be as optimized as
some of the others. Our 9000 model G50 is running 4 to 5 times slower than
a P-90. This type of performance hit could be from a compile targeted for
a different processor version. What model of the HPPA was the client
compiled for?

stuart

--
Stuart Stock				       stuart@gundaker.com
Systems/Security Administrator		       http://www.gundaker.com
Gundaker Realtors			       "Blowing a buffer as we speak"