* Lorenzo Hernández García-Hierro: > As it's impact is minimal (in performance and development/maintenance > terms), I recommend to merge it, as it gives a basic prevention for the > so-called system fingerprinting (which is used most by "kids" to know > how old and insecure could be a target system, many time used as the > first, even only-one, data to decide if attack or not the target host) > among other things.
The most important result of such a patch is source port randomization for DNS queries to resolvers. This gives you a few more bits (DNS itself has just a 16 bit "unique" ID, which isn't too hard to brute-force these days, unfortunately). - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
