[grsec] grsec's tcp source port randomization

Brant Williams brant at tnarb.net
Wed Apr 25 09:33:46 EDT 2007 

A couple of list members have asked where I found the grsec changelog... 
it's way outdated, for 2.1.0 from 2005...

http://www.securityfocus.com/archive/1/386374

So I'm still wondering when/why TCP source port randomization was 
removed... I've checked against grsec 2.1.10 for vanilla 2.4.34 as well as 
Gentoo's hardened sources 2.6.18.

It's not a big deal, as I don't use grsec in any production environments 
(so far just for personal interest).  As this used to be(?) a feature, it 
would simply be nice to know what happened with it...and also if there are 
any recent grsec changelogs... =)

Thanks, and sorry to be a pest.

-brant


Public GPG/PGP key for Brant Williams: 0x88E1AA9E.
Available at your friendly local public keyserver.



On Wed, 25 Apr 2007, [email redacted] wrote:

> Hi,
> 
> Where did you find the changelogs?
> 
> Thx.
> Tibor 
> 
> -----Original Message-----
> From: Brant Williams [mailto:brant at tnarb.net] 
> Sent: Sunday, April 22, 2007 3:49 AM
> To: grsecurity at grsecurity.net
> Subject: Re: [grsec] grsec's tcp source port randomization
> 
> 
> 
> Sorry, just found the changelogs. ;)
> 
> 
> Public GPG/PGP key for Brant Williams: 0x88E1AA9E.
> Available at your friendly local public keyserver.
> 
> 
> 
> On Sat, 21 Apr 2007, Brant Williams wrote:
> 
> > 
> > Hello,
> > 
> > I just happened to notice that there no longer seems to be a grsec kernel 
> > option to randomize TCP source ports.  Just wondering when/why this was 
> > removed.  Also... is there a grsec changelog somewhere?  I don't seen one 
> > in the kernel source tree, or online.
> > 
> > Thanks!
> > 
> > 
> > Public GPG/PGP key for Brant Williams: 0x88E1AA9E.
> > Available at your friendly local public keyserver.
> > 
> > 
> > _______________________________________________
> > grsecurity mailing list
> > grsecurity at grsecurity.net
> > http://grsecurity.net/cgi-bin/mailman/listinfo/grsecurity
> > 
> _______________________________________________
> grsecurity mailing list
> grsecurity at grsecurity.net
> http://grsecurity.net/cgi-bin/mailman/listinfo/grsecurity
> 
> 
> 
>

More information about the grsecurity mailing list