Date:      Wed, 30 Apr 2003 16:17:12 -0700
From:      "Crist J. Clark" <crist.clark@attbi.com>
To:        Garrett Wollman <wollman@lcs.mit.edu>
Cc:        net@FreeBSD.org
Subject:   Re: Reducing ip_id information leakage
Message-ID:  <20030430231712.GC3912@blossom.cjclark.org>
In-Reply-To: <200304292247.h3TMlpPU044307@khavrinen.lcs.mit.edu>
References:  <200304292247.h3TMlpPU044307@khavrinen.lcs.mit.edu>

On Tue, Apr 29, 2003 at 06:47:51PM -0400, Garrett Wollman wrote:
[snip]

> Index: ip_output.c
> ===================================================================
> RCS file: /home/cvs/src/sys/netinet/ip_output.c,v
> retrieving revision 1.187
> diff -u -r1.187 ip_output.c
> --- ip_output.c	12 Apr 2003 06:11:46 -0000	1.187
> +++ ip_output.c	29 Apr 2003 22:42:55 -0000
> @@ -223,17 +223,29 @@
>  	pkt_dst = args.next_hop ? args.next_hop->sin_addr : ip->ip_dst;
>  
>  	/*
> -	 * Fill in IP header.
> +	 * Fill in IP header.  If we are not allowing fragmentation,
> +	 * then the ip_id field is meaningless, so send it as zero
> +	 * to reduce information leakage.  Otherwise, if we are not
> +	 * randomizing ip_id, then don't bother to convert it to network
> +	 * byte order -- it's just a nonce.  Note that a 16-bit counter
> +	 * will wrap around in less than 10 seconds at 100 Mbit/s on a
> +	 * medium with MTU 1500.  See Steven M. Bellovin, "A Technique
> +	 * for Counting NATted Hosts", Proc. IMW'02, available at
> +	 * <http://www.research.att.com/~smb/papers/fnat.pdf>.
>  	 */
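
Review bot: The wrap-around figure in the new comment ("less than 10 seconds at 100 Mbit/s on a medium with MTU 1500") only holds when every packet is full-size: 100 Mbit/s of 1500-byte packets is about 8,333 packets per second, so 65,536 IDs last roughly 7.9 seconds, and any mix with smaller packets wraps sooner. Word it as an upper bound or state the full-size-packet assumption, so the number is not read as a typical wrap time.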
[snip]
> -		ip->ip_id = htons(ip_id++);
> +			ip->ip_id = ip_id++;
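
Review bot: On the added line `ip->ip_id = ip_id++;`, dropping htons() makes the two ID bytes go out in host byte order, so the same counter produces a different on-wire sequence depending on the architecture: a receiver reading the field in network order sees steps of 1 from a big-endian host and steps of 0x0100 from a little-endian one. The comment calls the value "just a nonce", but the increment pattern is still observable. Keep `htons(ip_id++)` in the non-randomized path, or document in the comment that the wire pattern becomes architecture-dependent.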

This is actually bad with respect to the spirit of the paper and the
whole idea of information leakage. If I have two FreeBSD machines, one
i386 and one sparc64, they now look different to someone sniffing the
traffic. If I leave the htons(), all of my FreeBSD hosts look
alike. There is less information content in the IP ID field.
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
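
The byte-order point in the reply above, worked through as an added example (not part of the original message or of the FreeBSD source). The function names are hypothetical, and host byte order is passed as a parameter so both cases run on any machine; i386 is little-endian and sparc64 is big-endian.

```c
#include <stdint.h>
#include <stdio.h>

/* Wire bytes of the IP ID field for counter value `id`.
 * use_htons=1 models `ip->ip_id = htons(ip_id++)`,
 * use_htons=0 models `ip->ip_id = ip_id++` (raw host-order store). */
void wire_ip_id(uint16_t id, int big_endian, int use_htons, uint8_t out[2])
{
    if (use_htons || big_endian) {      /* network order on the wire */
        out[0] = (uint8_t)(id >> 8);
        out[1] = (uint8_t)(id & 0xff);
    } else {                            /* little-endian memory layout sent as-is */
        out[0] = (uint8_t)(id & 0xff);
        out[1] = (uint8_t)(id >> 8);
    }
}

/* Step between two consecutive packets as a passive observer computes it,
 * i.e. reading the field in network byte order. */
uint16_t observed_step(uint16_t id, int big_endian, int use_htons)
{
    uint8_t a[2], b[2];
    wire_ip_id(id, big_endian, use_htons, a);
    wire_ip_id((uint16_t)(id + 1), big_endian, use_htons, b);
    uint16_t va = (uint16_t)((a[0] << 8) | a[1]);
    uint16_t vb = (uint16_t)((b[0] << 8) | b[1]);
    return (uint16_t)(vb - va);
}

/* 1 if little- and big-endian hosts show different steps on the wire. */
int hosts_distinguishable(uint16_t id, int use_htons)
{
    return observed_step(id, 0, use_htons) != observed_step(id, 1, use_htons);
}

int main(void)
{
    const uint16_t id = 0x0010;         /* constructed sample counter value */
    for (int use_htons = 1; use_htons >= 0; use_htons--)
        printf("%-14s little-endian step=0x%04x  big-endian step=0x%04x  distinguishable=%d\n",
               use_htons ? "htons(ip_id++)" : "ip_id++",
               observed_step(id, 0, use_htons),
               observed_step(id, 1, use_htons),
               hosts_distinguishable(id, use_htons));
    return 0;
}
```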


