Hello, in both parts of NRPE, the buffer for the packet first gets wiped with zeroes and then gets overwritten with random numbers. A comment suggests that it's used to make it harder to distinguish between actual data and the empty space, but what I don't understand is this: You can either use SSL or not. If you don't use it, the data is unencrypted anyway and everyone can read it, right? And if you activate SSL, an attacker shouldn't be able to recognize such stuff anyway, right? I think that it has to be a very bad encryption if many zeroes would be encrypted to a repeating pattern or so. Therefore, I propose to throw out that randomness.
Note: Don't rely on this patch - it compiles, but as I don't have a test installation here to test it, I am not sure that it will work. Jann Horn
0001-removed-random-data-from-network-packets.patch
Description: application/mbox
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________ icinga-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/icinga-devel
