Re: TCP Port randomization paper

["Fernando Gont" <fernando.gont () gmail com>]

Vladimir,

Our draft discusses many port randomization approaches. Some of them were
taken from existing implementations (e.g., Algorithm 1 was taken from
OpenBSD).

However, Algorithm 3 was first described (AFAICT) in Michael Larsen's "port
randomization" paper (the first version of our port randomization paper),
which was published in 2004. As a result of that paper, Algorithm 3 was
implemented in Linux (I'm not sure if this is the implementation you're
referring to). Algorithm 4 (a slightly improved version of Algorithm 3) was
first described in an earlier version of our paper, published last year
(2006).

In any case, the good thing here is that the IETF has taken this draft as a
WG item, and thus port randomization will hopefully be recommended for TCP,
and even for other transport protocols (scuh as UDP, SCTP, and DCCP), as the
document has been accepted by the *tsvwg* rather than any
transport-protocol-specific wg.

Hopefully, this draft may help to have vendors (those that currently don't)
introduce port randomization in their stacks.

Kind regards,
Fernando




On Dec 7, 2007 4:15 AM, Vladimir Vitkov < v.vitkov () cnsys bg> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Strangely enough this stuff exists for more than 3 years ... Think GRSEC
> and more specifically Network stack randomization.
>
> Well of course bow to IETF for accepting this for draft ...
>
> Fernando Gont wrote:
> > Folks,
> >
> > We have published a revision of our port randomization paper. This is
> > the first revision of the document since it was accepted as a working
> > group item of the tsvwg working group of the IETF (Internet
> > Engineering Task Force). Any feedback on the proposed/described
> > algorithms will be welcome.
> >
> > The document is available at:
> http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-port-randomization-00.txt
> > Additionally, it is available in other fancy formats (PDF and HTML)
> > at: http://www.gont.com.ar/drafts/port-randomization/index.html
> >
> > Thanks,
> >
> > --
> > Fernando Gont
> > e-mail: fernando () gont com ar || fgont () acm org
> > PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
> >
> >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> - --
> Regards
> Vladimir Vitkov
> www.hoster.bg
>
> Marijuana will be legal some day, because the many law students
> who now smoke pot will someday become congressmen and legalize
> it in order to protect themselves.
>     -- Lenny Bruce
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHWPMiXwMwnJIV9/cRAouqAJ9QA7beYDnzeApGc+FKQRKxPW0lYwCeMPuZ
> TjFGVXx3BumCXjlkFmt6V78=
> =Ci85
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/