https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274550
John F. Carr <j...@mit.edu> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |j...@mit.edu --- Comment #3 from John F. Carr <j...@mit.edu> --- These don't look like FreeBSD-specific side channels to me, but the expected way IP works. There are tunables net.inet.{udp,tcp}.blackhole for sysadmins who are afraid of revealing port numbers, and net.inet.icmp.icmplim_jitter to mitigate issue 10. Are you imagining a local attacker whose privileges do not include netstat trying to deduce the code path taken by a packet through the kernel using cache misses and branch mispredictions? -- You are receiving this mail because: You are the assignee for the bug.