Re: [PATCH] OpenBSD Networking-related randomization port

netdev

Re: [PATCH] OpenBSD Networking-related randomization port

To:	Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx>
Subject:	Re: [PATCH] OpenBSD Networking-related randomization port
From:	Stephen Hemminger <shemminger@xxxxxxxx>
Date:	Thu, 3 Feb 2005 11:51:27 -0800
Cc:	linux@xxxxxxxxxxx, mingo@xxxxxxx, Arjan van de Ven <arjan@xxxxxxxxxxxxx>, bunk@xxxxxxxxx, Chris Wright <chrisw@xxxxxxxx>, davem@xxxxxxxxxx, Hank Leininger <hlein@xxxxxxxxxxxxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx, Valdis.Kletnieks@xxxxxx, spender@xxxxxxxxxxxxxx
In-reply-to:	<1107365917.3754.155.camel@localhost.localdomain>
Organization:	Open Source Development Lab
References:	<20050202171702.24523.qmail@science.horizon.com> <1107365917.3754.155.camel@localhost.localdomain>
Sender:	netdev-bounce@xxxxxxxxxxx

On Wed, 02 Feb 2005 18:38:37 +0100
Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx> wrote:

> El mié, 02-02-2005 a las 17:17 +0000, linux@xxxxxxxxxxx escribió:
> > There *are* things in OpenBSD, like randomized port assignment (as opposed
> > to the linear scan in tcp_v4_get_port()) that would be worth emulating.
> > Maybe worry about that first?
> > 

Recent 2.6 does a more advanced form of port randomization already
using address hash at connect time.  tcp_v4_get_port is only used for the case
of applications that explicitly bind to port zero to find a free port.

So the sequence:
        socket(); connect(); 
will assign a random port in a manner similar to sequence number creation

The sequence:
        socket(); bind(); connect();
assigns a simple linear increasing port value.  It could be randomized, but
most applications don't bother binding, so the first case is sufficient.

-- 
Stephen Hemminger       <shemminger@xxxxxxxx>

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [PATCH] OpenBSD Networking-related randomization port, Matt Mackall Re: [PATCH] OpenBSD Networking-related randomization port, linux Re: [PATCH] OpenBSD Networking-related randomization port, Lorenzo Hernández García-Hierro Re: [PATCH] OpenBSD Networking-related randomization port, Stephen Hemminger <= Re: [PATCH] OpenBSD Networking-related randomization port, Lennert Buytenhek Re: [PATCH] OpenBSD Networking-related randomization port, Andi Kleen Re: [PATCH] OpenBSD Networking-related randomization port, linux Re: [PATCH] OpenBSD Networking-related randomization port, Roland Dreier Re: [PATCH] OpenBSD Networking-related randomization port, linux

Previous by Date:	Re: TCP-Protection is really a pain..., Stephen Hemminger
Next by Date:	Re: TCP-Protection is really a pain..., Christian Schmid
Previous by Thread:	Re: [PATCH] OpenBSD Networking-related randomization port, Lorenzo Hernández García-Hierro
Next by Thread:	Re: [PATCH] OpenBSD Networking-related randomization port, Lennert Buytenhek
Indexes:	[Date] [Thread] [Top] [All Lists]