Date: Fri, 1 Jun 2001 03:02:29 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/conf files options src/sys/i386/conf NOTES src/sys/netinet ip_id.c ip_input.c ip_mroute.c ip_output.c ip_var.h raw_ip.c src/sys/netinet6 ipsec.c Message-ID: <200106011002.f51A2Tf03210@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
kris 2001/06/01 03:02:29 PDT
Modified files:
sys/conf files options
sys/i386/conf NOTES
sys/netinet ip_input.c ip_mroute.c ip_output.c
ip_var.h raw_ip.c
sys/netinet6 ipsec.c
Added files:
sys/netinet ip_id.c
Log:
Add ``options RANDOM_IP_ID'' which randomizes the ID field of IP packets.
This closes a minor information leak which allows a remote observer to
determine the rate at which the machine is generating packets, since the
default behaviour is to increment a counter for each packet sent.
Reviewed by: -net
Obtained from: OpenBSD
Revision Changes Path
1.528 +2 -1 src/sys/conf/files
1.277 +2 -1 src/sys/conf/options
1.921 +8 -1 src/sys/i386/conf/NOTES
1.168 +4 -1 src/sys/netinet/ip_input.c
1.63 +6 -1 src/sys/netinet/ip_mroute.c
1.125 +6 -1 src/sys/netinet/ip_output.c
1.55 +7 -1 src/sys/netinet/ip_var.h
1.77 +6 -1 src/sys/netinet/raw_ip.c
1.11 +5 -1 src/sys/netinet6/ipsec.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106011002.f51A2Tf03210>