Implementing RFC 6056
Greg KH
greg at kroah.com
Tue May 31 17:41:13 EDT 2011
On Wed, Jun 01, 2011 at 12:38:34AM +0530, Arjun S R wrote:
> Hi,
> I would like implement RFC 6506 in linux kernel. It seems no one has
> implemented it.
>
> Its mainly about Transport protocol port randomisation. The fixed
> order[sequence of predictable randomness] of allocation of ephemeral
> port to application on request can cause malicious users to hijack
> connections based on time spent by the tcp ip api in various states.
>
> I have read the standards and is willing to go forward. Please post comments.
Post your patches on the netdev mailing list and see what they say about
it there. You might find that this isn't really needed as we already
handle this properly through other means...
More information about the Kernelnewbies
mailing list