Re: How does Linux do RTTM?

[Evgeniy Polyakov]

On Sat, Aug 12, 2006 at 09:31:42AM -0400, John Richard Moser (nigelenki@xxxxxxxxxxx) wrote:
> I'm told now that it uses Jiffies for TCP timestamps.  I've had thoughts
> on this:
> 
>  - I figured a random timestamp with random microsecond skew would be
> nice but this might expose internals of the RNG; amusingly I'm trying
> not to expose internals of the RNG by exposing system time.
> 
>  - Someone recommended starting at zero.  This would work, really,
> there's no attacks based on guessing the TCP timestamp value.  This is
> nice since if I want to hax0rz then I might make a connection and see
> how many jiffies there are to get a feel for the system's uptime; this
> tells me how long since you upgraded your kernel, so I have an arsenal
> of vulns I KNOW you haven't fixed ready ;)  Starting at 0 doesn't give
> that information.
> 
> Comments?

Starting TCP timestamp from zero or any other arbitrary value for each 
new connection will not give you any security benefits. There is no 
simple way aleph1 or e-eye will get a remote shell or steal your credit 
card number if there is a buffer overflow in kernel and they will know 
it's release.
So your proposals just are not needed for majority of people, but if you
strongly feel it will help to find a cure for cancer, implement it and
prove it's usefullness to netdev community.

-- 
	Evgeniy Polyakov
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/