| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 21 Nov 2009 23:40:08 -0500
From: William Allen Simpson <william.allen.simpson@...il.com>
To: David Miller <davem@...emloft.net>
CC: netdev@...r.kernel.org, joe@...ches.com
Subject: Re: [net-next-2.6 PATCH v7 3/7 RFC] TCPCT part 1c: sysctl_tcp_cookie_size,
socket option TCP_COOKIE_TRANSACTIONS
David Miller wrote:
> From: William Allen Simpson <william.allen.simpson@...il.com>
> Date: Sat, 21 Nov 2009 11:51:13 -0500
>
>> This code was based on net/ipv4/tcp_minisocks.c for syncookies.
>> Apparently, default for syncookies has been controversial.
>
> I'll have to change that, it doesn't make any sense. Thanks
> for pointing it out.
>
Once again, for the umpteenth time, I learn that existing code
proves to be a bad example to follow....
>> Would you accept always default to TCP_COOKIE_MAX?
>
> Sure, let's see what breaks.
>
Unlikely to break anything, according to studies of the subject:
Medina, A., Allman, M., and Floyd, S., "Measuring Interactions
Between Transport Protocols and Middleboxes", Proceedings 4th
ACM SIGCOMM/USENIX Conference on Internet Measurement, October
2004. http://www.icsi.berkeley.edu/pubs/networking/tbit-
Aug2004.pdf
TCPCT part 2 is much more likely to break things....
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists