Re: [PATCH] OpenBSD Networking-related randomization port
From: Lorenzo Hernández García-Hierro <hidden>
Date: 2005-01-28 18:56:05
Also in:
lkml
Possibly related (same subject, not in this thread)
- 2005-02-13 · Re: [PATCH] OpenBSD Networking-related randomization port · <hidden>
- 2005-02-13 · Re: [PATCH] OpenBSD Networking-related randomization port · Roland Dreier <hidden>
- 2005-02-12 · Re: [PATCH] OpenBSD Networking-related randomization port · <hidden>
- 2005-02-12 · Re: [PATCH] OpenBSD Networking-related randomization port · Andi Kleen <hidden>
- 2005-02-03 · Re: [PATCH] OpenBSD Networking-related randomization port · Lennert Buytenhek <hidden>
El vie, 28-01-2005 a las 10:18 -0800, Stephen Hemminger escribió:
This is a very transitory effect, it works only because your machine is then different from the typical Linux machine; therefore the scanner will go on to the next obvious ones. But if this gets incorporated widely then the rarity factor goes away and this defense becomes useless.
I would prefer to say that such "rarity factor" comes directly from the "rarity factor" given by the PRNG. So, we should take "rarity factor" as the PRNG seed entropy and not as a predictable value (not in a reasonable time manner, which is the goal of most crypto-related developments, to make as much difficult as possible to cause an information leak, and if such leak happens, ensure that the information is no longer needed, private, confidential, critical, whateverelse) (AFAIK). So, there's no point at that claim. Cheers, -- Lorenzo Hernández García-Hierro [off-list ref] [1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
Attachments
- signature.asc [application/pgp-signature] 189 bytes