Random source ports in FreeBSD?

From: Danil V.Gerun (news_at_625.ru)
Date: 09/18/04

  • Next message: Mike Silbersack: "Re: Random source ports in FreeBSD?"
    Date: Sat, 18 Sep 2004 23:22:48 +0400
    To: freebsd-security@freebsd.org
    
    

    Hello, all!

    In the beginning I want to say, that this question seems to be a
    security one, isn't it so?..

    Recently I was googling for the subject and coulnd't find anything...
    Even in the opennet.ru forum nobody answered me about this.

    So, as far as I got to know, randomizing source ports in FreeBSD is
    impossible now? (to be exact - is not implemented?)

    It's very interesting to me - WHY is it so?
    I mean - may be there are good reasons for not making all this?..

    Anyway, I looked how it is done in OpenBSD and made a patch for
    FreeBSD.

    I've uploaded the patches for FreeBSD 4 and FreeBSD 5 here:
    http://www.625.ru/rlsp/
    Direct links:
    http://www.625.ru/rlsp/in_pcb.c.patch.4
    http://www.625.ru/rlsp/in_pcb.c.patch.5

    It seems to be working on my 4.9 box =) - after recompiling the
    kernel the system picks up a random port for making a connetion.

    Especially - when I increase net.inet.ip.portrange.last, for
    example, to value 20000. The ports become 'more random' :)

    What the patch does: it creates a sysctl variable
    net.inet.ip.random_lport, which is "off" by default.
    When it is nonzero, the OpenBSD method is used in
    sys/netinet/in_pcb.c (in in_pcbbind() in FreeBSD 4 and
    in_pcbbind_setup() in FreeBSD 5) to pick up a source port.
    Otherwize - the 'old' FreeBSD method is used.

    The exact OpenBSD method for finding a free random port is used (but
    that wasn't just copy-paste =)) ).

    I don't have opportunity to test the FreeBSD 5 patch, but I tried to
    analyze the patching results attentively (what I worry about - is
    using the arc4random() function in FreeBSD 5...).

    I'm eager to hear your opinions on all this, as I'm rather a newbie to
    administrating FreeBSD (and especially - to 'hacking' the kernel).

    If you find errors, please try to understand that this is the first
    time I decided to change something 'so deep' in FreeBSD and decided to
    make a patch for this ;-)) (but I tried to do my best to avoid errors)

    Some information about this patch is here - http://www.625.ru/rlsp/

    --
    Best regards, Danil V. Gerun.
    danil@hate.spam.625.ru
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
    

  • Next message: Mike Silbersack: "Re: Random source ports in FreeBSD?"