holy shit batman! ~$ grep -i grsec draft-ietf-tsvwg-port-randomization-00.txt ~$
as stated by the last person its very strange you do not mention grsecurity in your "Survey of the algorithms in use by some popular implementations" Are you a developer of selinux or a close friend/relative/lover? It is well known the the selinux developers are in 'grsec/pax denial' (similar to holocaust denail) and believe that their product, which does protect against any attacks and leaves many holes for the nsa to exploit in chinese networks, is superior to pax even though selinux has easily bypassable stack overflow, kernel vulernablity, and null pointer deference protections. On Dec 7, 2007 4:45 PM, Fernando Gont <[EMAIL PROTECTED]> wrote: > Vladimir, > > Our draft discusses many port randomization approaches. Some of them were > taken from existing implementations (e.g., Algorithm 1 was taken from > OpenBSD). > > However, Algorithm 3 was first described (AFAICT) in Michael Larsen's > "port randomization" paper (the first version of our port randomization > paper), which was published in 2004. As a result of that paper, Algorithm 3 > was implemented in Linux (I'm not sure if this is the implementation you're > referring to). Algorithm 4 (a slightly improved version of Algorithm 3) was > first described in an earlier version of our paper, published last year > (2006). > > In any case, the good thing here is that the IETF has taken this draft as > a WG item, and thus port randomization will hopefully be recommended for > TCP, and even for other transport protocols (scuh as UDP, SCTP, and DCCP), > as the document has been accepted by the *tsvwg* rather than any > transport-protocol-specific wg. > > Hopefully, this draft may help to have vendors (those that currently > don't) introduce port randomization in their stacks. > > Kind regards, > Fernando > > > > > > On Dec 7, 2007 4:15 AM, Vladimir Vitkov < [EMAIL PROTECTED]> wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Strangely enough this stuff exists for more than 3 years ... Think GRSEC > > and more specifically Network stack randomization. > > > > Well of course bow to IETF for accepting this for draft ... > > > > Fernando Gont wrote: > > > Folks, > > > > > > We have published a revision of our port randomization paper. This is > > > the first revision of the document since it was accepted as a working > > > group item of the tsvwg working group of the IETF (Internet > > > Engineering Task Force). Any feedback on the proposed/described > > > algorithms will be welcome. > > > > > > The document is available at: > > > > > http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-port-randomization-00.txt > > > > > > Additionally, it is available in other fancy formats (PDF and HTML) > > > at: http://www.gont.com.ar/drafts/port-randomization/index.html > > > > > > Thanks, > > > > > > -- > > > Fernando Gont > > > e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED] > > > PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 > > > > > > > > > > > > > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > - -- > > Regards > > Vladimir Vitkov > > www.hoster.bg > > > > Marijuana will be legal some day, because the many law students > > who now smoke pot will someday become congressmen and legalize > > it in order to protect themselves. > > -- Lenny Bruce > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.6 (GNU/Linux) > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > > > iD8DBQFHWPMiXwMwnJIV9/cRAouqAJ9QA7beYDnzeApGc+FKQRKxPW0lYwCeMPuZ > > TjFGVXx3BumCXjlkFmt6V78= > > =Ci85 > > -----END PGP SIGNATURE----- > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
