| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Mar 2007 11:07:16 +0300 From: Evgeniy Polyakov <johnpol@....mipt.ru> To: David Miller <davem@...emloft.net> Cc: nikb@...master.com, netdev@...r.kernel.org Subject: Re: RFC: Established connections hash function On Thu, Mar 22, 2007 at 01:58:34PM -0700, David Miller (davem@...emloft.net) wrote: > From: "Nikolaos D. Bougalis" <nikb@...master.com> > Date: Thu, 22 Mar 2007 12:44:09 -0700 > > > People _have_ had problems. _I_ have had problems. And when > > someone with a few thousand drones under his control hoses your > > servers because he can do math and he leaves you with 20000-item > > long chains, _you_ will have problems. > > No need to further argue this point, the people that matter > (ie. me :-) understand it, don't worry.. Call me a loooser which mail will be deleted on arrival, but... jhash_2words(const, const, ((const << 16) | $sport) ^ $random) where $sport is 1-65535 in a loop, and $random is pseudo-random number obtained on start. Which is exactly the case of web server and attacker connects to 80 port from the same IP address and different source ports. Result with jenkins: 1 23880 2 12108 3 4040 4 1019 5 200 6 30 7 8 8 1 Xor: 1 65536 Please, do not apply patch as is, I will devote this day to find where jenkins has problems and try to fix distribution. If I will fail, then it is up to you to decide that above results are bad or good. Thank you. -- Evgeniy Polyakov - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists