Re: Random source ports in FreeBSD?

From: Mike Silbersack (silby_at_silby.com)
Date: 09/18/04

    Date: Sat, 18 Sep 2004 15:07:34 -0500 (CDT)
    To: "Danil V.Gerun" <news@625.ru>
    
    

    On Sat, 18 Sep 2004, Danil V.Gerun wrote:

    > So, as far as I got to know, randomizing source ports in FreeBSD is
    > impossible now? (to be exact - is not implemented?)
    >
    > It's very interesting to me - WHY is it so?
    > I mean - maybe there are good reasons for not making all this?..

    Source port randomization was implemented before 4.10 was released. See
    in_pcb.c revisions 1.143 - 1.146, 1.59.2.27, or 1.59.2.27.2.1, depending
    on the branch you're interested in:

    http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/in_pcb.c

    > I don't have the opportunity to test the FreeBSD 5 patch, but I tried to
    > analyze the patching results attentively (what I worry about - is
    > using the arc4random() function in FreeBSD 5...).

    What are your concerns with the way port randomization was implemented in
    FreeBSD?

    Mike "Silby" Silbersack
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

