From owner-freebsd-security Tue Apr 13 16:23:18 1999
Message-Id: <4.1.19990414111715.00acdb90@192.168.2.9>
Date: Wed, 14 Apr 1999 11:22:47 +1000
To: Keith Stevenson, freebsd-security@freebsd.org
From: Nicholas Brawn
Subject: Re: Sequential TCP port allocation?
Cc: jared@puck.nether.net
In-Reply-To: <19990413123125.B25109@homer.louisville.edu>
References: <19990413113039.H17083@puck.nether.net> <19990412120126.B15762@homer.louisville.edu> <199904131505.LAA21502@cc942873-a.ewndsr1.nj.home.com> <19990413113039.H17083@puck.nether.net>

At 12:31 PM 4/13/99 -0400, Keith Stevenson wrote:
>
> Ok, exactly what did all of that have to do with my question? To restate:
>
> FreeBSD 2.2.8-STABLE appears to allocate TCP ports in sequential order. ISS
> identifies this as a potential security issue. My question is whether or not
> a sysctl or other configuration parameter exists which causes TCP ports to be
> allocated in a more random order. Furthermore, does anyone know whether or not
> FreeBSD 3.1-STABLE exhibits the same port allocation behavior as 2.2.8?

I believe FreeBSD 3.1 exhibits the same behaviour. The actual place where the port allocation takes place is in /sys/netinet/in_pcb.c, specifically the in_pcbbind() function. If you look at the OpenBSD equivalent, they've implemented random allocation.

I may be being a bit cynical here, but unless someone's feeling radical, something along these lines will never be implemented into the base install, regardless of whether you implemented it with a sysctl knob. I'm actually looking at whipping up a patch to implement this, as soon as time permits. :)

> What I do not want is to participate in a debate over whether or not
> sequential port allocation is a "real" security exposure.
>
> Regards,
> --Keith Stevenson--
>
> --
> Keith Stevenson
> System Programmer - Data Center Services - University of Louisville
> k.stevenson@louisville.edu
> PGP key fingerprint = 4B 29 A8 95 A8 82 EA A2 29 CE 68 DE FC EE B6 A0
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

Cheers,
Nick

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
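The thread asks how to tell whether a host hands out ephemeral TCP ports sequentially, as Keith reports for 2.2.8-STABLE. The following is an added audit script, not code from either poster or from FreeBSD: it binds a handful of sockets to port 0 on loopback, records the ports the kernel chose, and scores how sequential the series is. The `SEQUENTIAL_SAMPLE` list is a constructed illustration of the pattern described in the thread, and the 0.8 threshold is an assumption chosen for this example. Current FreeBSD exposes the `net.inet.ip.portrange.randomized` sysctl for this behaviour, which the 1999 thread predates.

```python
import socket
from typing import List

# Constructed sample of what a strictly sequential allocator (as described for
# FreeBSD 2.2.8 in the thread) might hand out; not captured from a real host.
SEQUENTIAL_SAMPLE = [1024, 1025, 1026, 1027, 1028, 1029]


def sample_ephemeral_ports(n: int = 8) -> List[int]:
    """Bind n TCP sockets to port 0 on loopback and return the ports chosen.

    All sockets stay open until every bind has completed so the kernel cannot
    hand the same port back; they are closed before returning.
    """
    socks = []
    try:
        for _ in range(n):
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.bind(("127.0.0.1", 0))
            socks.append(s)
        return [s.getsockname()[1] for s in socks]
    finally:
        for s in socks:
            s.close()


def sequential_fraction(ports: List[int]) -> float:
    """Fraction of consecutive allocations that differ by exactly +1.

    1.0 means the allocator is strictly sequential; a randomized allocator
    should stay close to 0.0. Fewer than two samples yield 0.0.
    """
    if len(ports) < 2:
        return 0.0
    steps = sum(1 for a, b in zip(ports, ports[1:]) if b - a == 1)
    return steps / (len(ports) - 1)


def classify(ports: List[int], threshold: float = 0.8) -> str:
    """Label the allocator as 'sequential' or 'randomized' (threshold assumed)."""
    return "sequential" if sequential_fraction(ports) >= threshold else "randomized"


if __name__ == "__main__":
    print("constructed sample:", SEQUENTIAL_SAMPLE, classify(SEQUENTIAL_SAMPLE))
    observed = sample_ephemeral_ports()
    print("this host:", observed, classify(observed))
```

Run it on the host under review; a "sequential" verdict with a fraction near 1.0 is the condition ISS flagged, and the fix is kernel-side (random allocation as in OpenBSD, or the later FreeBSD sysctl), not anything the application can change.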