Re: Source port randomisation on NetBSD?

To: Stephane Bortzmeyer <stephane+netbsd%bortzmeyer.org@localhost>
Subject: Re: Source port randomisation on NetBSD?
From: Geert Hendrickx <ghen%telenet.be@localhost>
Date: Sun, 24 Oct 2010 19:28:30 +0200

On Sun, Oct 24, 2010 at 03:56:12PM +0200, Stephane Bortzmeyer wrote:
> Hello (and please copy me when replying, I'm not a subscriber of this
> mailing list.)
> 
> The Internet-Draft "Transport Protocol Port Randomization
> Recommendations" will be published as a RFC in a few days. Its current
> state is AUTH48, last reading before publication,
> <http://www.rfc-editor.org/queue.html#draft-ietf-tsvwg-port-randomization>.
> 
> It discusses at length the implementation of port randomization for all
> the free Unices and NetBSD is mentioned as the only one without this
> feature (Linux, FreeBSD, OpenBSD and OpenSolaris all have it). Why is it
> so? Why not using the FreeBSD code?


ipfilter/ipnat can do source port randomisation on NetBSD (since the
Kaminsky DNS issue).


        Geert


-- 
Geert Hendrickx  -=-  ghen%telenet.be@localhost  -=-  PGP: 0xC4BB9E9F
This e-mail was composed using 100% recycled spam messages!

Follow-Ups:
- Re: Source port randomisation on NetBSD?
  - From: Stephane Bortzmeyer

References:
- Source port randomisation on NetBSD?
  - From: Stephane Bortzmeyer

Prev by Date: Re: Source port randomisation on NetBSD?
Next by Date: Re: Source port randomisation on NetBSD?
Previous by Thread: Re: Source port randomisation on NetBSD?
Next by Thread: Re: Source port randomisation on NetBSD?
Indexes:

Home | Main Index | Thread Index | Old Index