[grsec] Randomized IP IDs/TTL
David Cannings
lists at edeca.net
Sun Jul 3 18:23:08 EDT 2005
On Sunday 03 July 2005 14:24, Gerald Holl wrote:
> Igmar Palsenberg wrote:
> >>I just took a look at the latest grsec kernel patch and noticed that the
> >>randomized IP ID and TTL features had been removed.
> >>Why are that features not present in current grsec patches?
> > It's been integrated in the vanilla kernel AFAIK.
> I sniffed some packets with tcpdump but the IP ID was still increasing
> and definitively not randomized.
The following quote is taken from http://www.grsecurity.net/news.php
"grsecurity 2.1.2 has been released today .. the removal of the randomized TCP
ISN, RPC XID, and IP ID code, since they added no greater security that what
Linux currently provides"
David
More information about the grsecurity
mailing list