Implementing RFC 6056
greg at kroah.com
Thu Jun 2 17:32:20 EDT 2011
On Thu, Jun 02, 2011 at 10:58:40PM +0530, Arjun S R wrote:
> On Wed, Jun 1, 2011 at 03:11, Greg KH <greg at kroah.com> wrote:
> > On Wed, Jun 01, 2011 at 12:38:34AM +0530, Arjun S R wrote:
> >> Hi,
> >> I would like implement RFC 6506 in linux kernel. It seems no one has
> >> implemented it.
> >> Its mainly about Transport protocol port randomisation. The fixed
> >> order[sequence of predictable randomness] of allocation of ephemeral
> >> port to application on request can cause malicious users to hijack
> >> connections based on time spent by the tcp ip api in various states.
> >> I have read the standards and is willing to go forward. Please post comments.
> > Post your patches on the netdev mailing list and see what they say about
> > it there. You might find that this isn't really needed as we already
> > handle this properly through other means...
> Thanks, could you please suggest the files in the kernel source tree
> that I should go through for the task?
Have you looked in net/*
Yes it's a lot, but that would be where you need to make changes if you
were to implement such a thing.
More information about the Kernelnewbies