Date: Sat, 04 Apr 2015 10:40:27 +0200 From: Hans Petter Selasky <hps@selasky.org> To: Gleb Smirnoff <glebius@FreeBSD.org> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>, "Robert N. M. Watson" <rwatson@freebsd.org> Subject: Re: Patch to reduce use of global IP ID value(s) to avoid leaking information Message-ID: <551FA37B.90609@selasky.org> In-Reply-To: <20150403213641.GM64665@glebius.int.ru> References: <551F034A.3040402@selasky.org> <20150403213641.GM64665@glebius.int.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Gleb, On 04/03/15 23:36, Gleb Smirnoff wrote: > The documentation on net.inet.ip.random_id is solid and doesn't need the > text from your commit. Let me detail a bit more. The old text describing "random_id" clearly gives the wrong impression. It says that information is only leaking one way. It is for sure very misleading. Information can leak both from the inside to the outside and from the outside to the inside. And also between two outsiders or two insiders. That's what's scares me. Try using my testapp if you don't believe me. Given that the ICMP limit is 200 per second by default, I would guess that 199 bits could at maximum be transferred per second in between two parties using the proper algorithms. If I myself was setting up a firewall, this is the kind of stuff I would like to know about in advance. --HPS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?551FA37B.90609>