lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 20 Aug 2014 11:47:15 +0200
From:	Alexander Holler <holler@...oftware.de>
To:	Hagen Paul Pfeifer <hagen@...u.net>
CC:	Eric Dumazet <eric.dumazet@...il.com>,
	Christian Grothoff <grothoff@...tum.de>,
	Jacob Appelbaum <jacob@...elbaum.net>,
	Andi Kleen <andi@...stfloor.org>,
	Stephen Hemminger <stephen@...workplumber.org>,
	David Miller <davem@...emloft.net>,
	netdev <netdev@...r.kernel.org>, linux-kernel@...r.kernel.org,
	knock@...net.org
Subject: Re: [PATCH] TCP: add option for silent port knocking with integrity
 protection

Am 20.08.2014 11:28, schrieb Hagen Paul Pfeifer:
> On 20 August 2014 11:07, Alexander Holler <holler@...oftware.de> wrote:
>
>> For sure it could be better, but I'm already happy with the current
>> imperfect solution which I can use now and not some perfect solution which
>> might be available in some years.
>
> Alexander, to make it clear: we cannot include mechanisms which
> probably open other (security) issues. This is not how things work
> out. TCP had so many issues in the past - regarding security,
> implementation f*ups, etc. pp. It is utterly important that there is
> no problem with an extension. Please join the discussion ob tcpm if
> you will drive things forward. That's all what I can say - sorry!

Maybe I first should send a million syn-packets to a box where I've 
enabled that feature. ;)

Anyway, I still think there should be some room for experimental 
features in the kernel. It makes them more visible to possible 
contributors and helps to drive further development.

Not necessarily in my case (as most people, I can't and don't want to 
participate in all parties), but ...

Regards,

Alexander Holler
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ