Date:      Sat, 18 Sep 2004 15:07:34 -0500 (CDT)
From:      Mike Silbersack <silby@silby.com>
To:        "Danil V.Gerun" <news@625.ru>
Cc:        freebsd-security@freebsd.org
Subject:   Re: Random source ports in FreeBSD?
Message-ID:  <20040918150205.A8909@odysseus.silby.com>
In-Reply-To: <621146771453.20040918232248@625.ru>
References:  <621146771453.20040918232248@625.ru>

On Sat, 18 Sep 2004, Danil V.Gerun wrote:

> So, as far as I got to know, randomizing source ports in FreeBSD is
> impossible now? (to be exact - is not implemented?)
>
> It's very interesting to me - WHY is it so?
> I mean - maybe there are good reasons for not making all this?..

Source port randomization was implemented before 4.10 was released.  See 
in_pcb.c revisions 1.143 - 1.146, 1.59.2.27, or 1.59.2.27.2.1, depending 
on the branch you're interested in:

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/in_pcb.c

> I don't have the opportunity to test the FreeBSD 5 patch, but I tried to
> analyze the patching results attentively (what I worry about - is
> using the arc4random() function in FreeBSD 5...).

What are your concerns with the way port randomization was implemented in 
FreeBSD?

Mike "Silby" Silbersack


