Re: [PATCH] OpenBSD Networking-related randomization port

From: Adrian Bunk (bunk_at_stusta.de)
Date: 01/28/05

    Date:	Fri, 28 Jan 2005 20:09:05 +0100
    To: Lorenzo Hernández García-Hierro <lorenzo@gnu.org>
    
    

    On Fri, Jan 28, 2005 at 06:47:55PM +0100, Lorenzo Hernández García-Hierro wrote:
    > On Fri, 28-01-2005 at 18:40 +0100, Adrian Bunk wrote:
    > > On Fri, Jan 28, 2005 at 06:17:17PM +0100, Lorenzo Hernández García-Hierro wrote:
    > > >...
    > > > As its impact is minimal (in performance and development/maintenance
    > > > terms), I recommend merging it, as it gives a basic prevention for the
    > > > so-called system fingerprinting (which is used mostly by "kids" to know
    > > > how old and insecure a target system could be, many times used as the
    > > > first, even the only, data to decide whether or not to attack the target host)
    > > > among other things.
    > > >...
    > >
    > > "basic prevention"?
    > > I hardly see how this patch makes OS fingerprinting by e.g. Nmap
    > > impossible.
    >
    > That's an example, as you can find at the grsecurity handbook [1]:
    >...
    > "Randomized IP IDs hinder OS fingerprinting and will keep your machine
    > from being a bounce for an untraceable portscan."
    >...

    The OS detection in Nmap [1], which is AFAIK the most popular port
    scanner today, works by e.g. checking the answer to an ACK sent to a
    closed port.

    I still do not understand how your patch has any impact on these issues.

    > Cheers,
    >...

    cu
    Adrian

    [1] http://www.insecure.org/nmap/nmap-fingerprinting-article.html

    -- 
           "Is there not promise of rain?" Ling Tan asked suddenly out
            of the darkness. There had been need of rain for many days.
           "Only a promise," Lao Er said.
                                           Pearl S. Buck - Dragon Seed
    -
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at  http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at  http://www.tux.org/lkml/
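The disagreement above is about which fingerprinting signal the randomization touches. The following is an added example, not code from the original mail, from the grsecurity handbook, or from the patch under discussion: it classifies the IP ID sequence a host emits the way an OS-fingerprinting tool's sequence test would, and models the two kernel policies the thread compares (a per-host incrementing counter versus OpenBSD-style randomized IDs) with two small generator classes. The class names, the threshold values, the `exposes_scan_bounce` helper and both capture lists are constructed for the illustration, loosely after Nmap's published IP ID sequence test, and are not taken from the page.

```python
"""Classify the IP ID sequence a host emits, as an OS-fingerprinting tool would.

Added example; it is not part of the original mail, of the grsecurity
handbook, or of the patch under discussion.  The two ID generators stand in
for the two kernel policies the thread compares: a per-host incrementing
counter and OpenBSD-style randomized IDs.  The classifier thresholds are
chosen for the illustration (loosely after Nmap's published IP ID sequence
test) and are not taken from the page.
"""
import random
from typing import Literal, Sequence

IpIdClass = Literal[
    "zero", "constant", "incremental", "broken-incremental",
    "random-positive", "random",
]


def swap16(value: int) -> int:
    """Swap the two bytes of a 16-bit value (a counter sent in host byte order)."""
    return ((value & 0xFF) << 8) | ((value >> 8) & 0xFF)


def classify_ip_ids(ids: Sequence[int]) -> IpIdClass:
    """Classify consecutive IP IDs observed in replies from one host.

    Differences are taken modulo 2**16 because the 16-bit field wraps.
    """
    if len(ids) < 2:
        raise ValueError("need at least two samples")
    if all(i == 0 for i in ids):
        return "zero"
    diffs = [(b - a) % 65536 for a, b in zip(ids, ids[1:])]
    if all(d == 0 for d in diffs):
        return "constant"
    if all(1 <= d <= 9 for d in diffs):
        return "incremental"
    # A counter written in host byte order looks random in network order
    # until each value is byte-swapped back.
    swapped = [(swap16(b) - swap16(a)) % 65536 for a, b in zip(ids, ids[1:])]
    if all(1 <= d <= 9 for d in swapped):
        return "broken-incremental"
    if any(d >= 20000 for d in diffs):
        return "random"
    return "random-positive"


def exposes_scan_bounce(cls: IpIdClass) -> bool:
    """True when a third party can count the host's outgoing packets from its
    IDs alone, which is what the handbook quote's 'bounce' refers to."""
    return cls in ("incremental", "broken-incremental")


class IncrementalIpId:
    """Global counter policy: every datagram gets the previous ID plus one."""

    def __init__(self, start: int = 0) -> None:
        self._next = start % 65536

    def next_id(self) -> int:
        value = self._next
        self._next = (self._next + 1) % 65536
        return value


class RandomizedIpId:
    """Randomized policy; a fixed seed keeps the demonstration reproducible."""

    def __init__(self, seed: int) -> None:
        self._rng = random.Random(seed)

    def next_id(self) -> int:
        return self._rng.randrange(65536)


def sample_ids(gen, count: int) -> list:
    """Collect `count` consecutive IDs from a generator object."""
    return [gen.next_id() for _ in range(count)]


# Constructed observation of a randomized host (not real capture data).
RANDOMIZED_CAPTURE = [0x4D2F, 0x1A03, 0xE771, 0x0B9C, 0x9E2A, 0x52F0]
# Constructed observation of a counter sent in little-endian byte order.
BYTE_SWAPPED_CAPTURE = [0x0001, 0x0101, 0x0201, 0x0301]

if __name__ == "__main__":
    for label, ids in (
        ("incremental counter", sample_ids(IncrementalIpId(1000), 6)),
        ("randomized kernel", sample_ids(RandomizedIpId(7), 6)),
        ("constructed capture", RANDOMIZED_CAPTURE),
        ("byte-swapped counter", BYTE_SWAPPED_CAPTURE),
    ):
        cls = classify_ip_ids(ids)
        print(f"{label:22} {cls:20} bounce-exposed={exposes_scan_bounce(cls)}")
```

Run as a script, the incremental and byte-swapped sequences come out as bounce-exposed while both randomized sequences do not, which is the effect the handbook quote describes. The sequence test is only one of the signals a fingerprinting tool combines; a probe such as the reply to an ACK sent to a closed port, which Adrian mentions, does not depend on the ID field at all, so randomization narrows the fingerprint rather than removing it.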
    
