Full Disclosure mailing list archives
Re: TCP Port randomization paper
From: reepex <reepex () gmail com>
Date: Sat, 8 Dec 2007 23:20:48 -0600
holy shit batman! ~$ grep -i grsec draft-ietf-tsvwg-port-randomization-00.txt ~$ as stated by the last person its very strange you do not mention grsecurity in your "Survey of the algorithms in use by some popular implementations" Are you a developer of selinux or a close friend/relative/lover? It is well known the the selinux developers are in 'grsec/pax denial' (similar to holocaust denail) and believe that their product, which does protect against any attacks and leaves many holes for the nsa to exploit in chinese networks, is superior to pax even though selinux has easily bypassable stack overflow, kernel vulernablity, and null pointer deference protections. On Dec 7, 2007 4:45 PM, Fernando Gont <fernando.gont () gmail com> wrote:
Vladimir, Our draft discusses many port randomization approaches. Some of them were taken from existing implementations (e.g., Algorithm 1 was taken from OpenBSD). However, Algorithm 3 was first described (AFAICT) in Michael Larsen's "port randomization" paper (the first version of our port randomization paper), which was published in 2004. As a result of that paper, Algorithm 3 was implemented in Linux (I'm not sure if this is the implementation you're referring to). Algorithm 4 (a slightly improved version of Algorithm 3) was first described in an earlier version of our paper, published last year (2006). In any case, the good thing here is that the IETF has taken this draft as a WG item, and thus port randomization will hopefully be recommended for TCP, and even for other transport protocols (scuh as UDP, SCTP, and DCCP), as the document has been accepted by the *tsvwg* rather than any transport-protocol-specific wg. Hopefully, this draft may help to have vendors (those that currently don't) introduce port randomization in their stacks. Kind regards, Fernando On Dec 7, 2007 4:15 AM, Vladimir Vitkov < v.vitkov () cnsys bg> wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Strangely enough this stuff exists for more than 3 years ... Think GRSEC and more specifically Network stack randomization. Well of course bow to IETF for accepting this for draft ... Fernando Gont wrote:Folks, We have published a revision of our port randomization paper. This is the first revision of the document since it was accepted as a working group item of the tsvwg working group of the IETF (Internet Engineering Task Force). Any feedback on the proposed/described algorithms will be welcome. The document is available at:http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-port-randomization-00.txtAdditionally, it is available in other fancy formats (PDF and HTML) at: http://www.gont.com.ar/drafts/port-randomization/index.html Thanks, -- Fernando Gont e-mail: fernando () gont com ar || fgont () acm org PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/- -- Regards Vladimir Vitkov www.hoster.bg Marijuana will be legal some day, because the many law students who now smoke pot will someday become congressmen and legalize it in order to protect themselves. -- Lenny Bruce -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHWPMiXwMwnJIV9/cRAouqAJ9QA7beYDnzeApGc+FKQRKxPW0lYwCeMPuZ TjFGVXx3BumCXjlkFmt6V78= =Ci85 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- TCP Port randomization paper Fernando Gont (Dec 06)
- Re: TCP Port randomization paper Vladimir Vitkov (Dec 06)
- Re: TCP Port randomization paper Fernando Gont (Dec 07)
- Re: TCP Port randomization paper reepex (Dec 08)
- Re: TCP Port randomization paper Fernando Gont (Dec 11)
- Re: TCP Port randomization paper Fernando Gont (Dec 07)
- Re: TCP Port randomization paper Vladimir Vitkov (Dec 06)