7a3c8f81a5
ISS attacks (which we already fend off quite well). 1. First-cut implementation of RFC1948, Steve Bellovin's cryptographic hash method of generating TCP ISS values. Note, this code is experimental and disabled by default (experimental enough that I don't export the variable via sysctl yet, either). There are a couple of issues I'd like to discuss with Steve, so this code should only be used by people who really know what they're doing. 2. Per a recent thread on Bugtraq, it's possible to determine a system's uptime by snooping the RFC1323 TCP timestamp options sent by a host; in 4.4BSD, timestamps are created by incrementing the tcp_now variable at 2 Hz; there's even a company out there that uses this to determine web server uptime. According to Newsham's paper "The Problem With Random Increments", while NetBSD's TCP ISS generation method is much better than the "random increment" method used by FreeBSD and OpenBSD, it is still theoretically possible to mount an attack against NetBSD's method if the attacker knows how many times the tcp_iss_seq variable has been incremented. By not leaking uptime information, we can make that much harder to determine. So, we avoid the leak by giving each TCP connection a timebase of 0. |
||
|---|---|---|
| bin | ||
| crypto | ||
| dist | ||
| distrib | ||
| etc | ||
| games | ||
| gnu | ||
| include | ||
| lib | ||
| libexec | ||
| regress | ||
| sbin | ||
| share | ||
| sys | ||
| usr.bin | ||
| usr.sbin | ||
| Makefile | ||
| Makefile.inc | ||
| UPDATING | ||