From: Christian Grothoff <grothoff@in.tum.de>
To: Jacob Appelbaum <jacob@appelbaum.net>
Cc: Andi Kleen <andi@firstfloor.org>,
Stephen Hemminger <stephen@networkplumber.org>,
David Miller <davem@davemloft.net>,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
knock@gnunet.org
Subject: Re: [PATCH] TCP: add option for silent port knocking with integrity protection
Date: Thu, 12 Dec 2013 12:43:59 +0100 [thread overview]
Message-ID: <52A9A17F.6050505@in.tum.de> (raw)
In-Reply-To: <52A98DBF.4090702@appelbaum.net>
[-- Attachment #1.1: Type: text/plain, Size: 1208 bytes --]
On 12/12/2013 11:19 AM, Jacob Appelbaum wrote:
> I think that generally, I would prefer if the code didn't use MD5 but
> otherwise, I don't see any real risk of adding an exploitable hole. It
> seems silly to disable it by default though - ideally, I'd like a sysctl
> to ensure that Tor could use this without making the user recompile
> their kernel. That is more of a pain than running a userspace helper, I
> think.
>
> All the best,
> Jacob
Given that the output is truncated to 32 bits and that performance (SYN
flood) is also a concern, AND that the original TCP SQN generation is
also MD5-based (and we want to look the same), what disadvantage do you
see over MD5? Given the truncation to 32 bits, I don't think a stronger
hash would do anything for us.
As for it being disabled by default, we did this with respect to
kernel submission guidelines which we understood said that features
should _initially_ always be submitted with disabled-by-default
(presumably so that until they have stabilized, nobody is harmed
unless they explicitly activate the code).
I don't see the point in having a sysctl, as applications have to
explicitly request it anyway.
-Christian
[-- Attachment #1.2: 0x48426C7E.asc --]
[-- Type: application/pgp-keys, Size: 8705 bytes --]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 259 bytes --]
next prev parent reply other threads:[~2013-12-12 11:44 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-10 18:35 [PATCH] TCP: add option for silent port knocking with integrity protection Christian Grothoff
2013-12-11 20:01 ` David Miller
2013-12-11 20:19 ` Christian Grothoff
2013-12-11 20:26 ` Stephen Hemminger
2013-12-11 20:39 ` Christian Grothoff
2013-12-11 21:25 ` Andi Kleen
2013-12-11 22:53 ` Christian Grothoff
2013-12-12 1:23 ` Andi Kleen
2013-12-12 10:19 ` Jacob Appelbaum
2013-12-12 11:43 ` Christian Grothoff [this message]
2013-12-12 12:23 ` Jacob Appelbaum
2013-12-12 14:34 ` Eric Dumazet
2013-12-12 15:07 ` Christian Grothoff
2013-12-12 15:33 ` Eric Dumazet
2013-12-12 15:46 ` Hannes Frederic Sowa
2013-12-13 3:07 ` Hannes Frederic Sowa
2014-08-19 19:36 ` Alexander Holler
2014-08-20 8:24 ` Hagen Paul Pfeifer
2014-08-20 9:07 ` Alexander Holler
2014-08-20 9:28 ` Hagen Paul Pfeifer
2014-08-20 9:47 ` Alexander Holler
2014-08-20 10:20 ` Alexander Holler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52A9A17F.6050505@in.tum.de \
--to=grothoff@in.tum.de \
--cc=andi@firstfloor.org \
--cc=davem@davemloft.net \
--cc=jacob@appelbaum.net \
--cc=knock@gnunet.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.