| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6aab053a0712111455t224979dfp524c755185d21e9d@mail.gmail.com> Date: Tue, 11 Dec 2007 19:55:21 -0300 From: "Fernando Gont" <fernando.gont@...il.com> To: reepex <reepex@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: TCP Port randomization paper On Dec 9, 2007 2:20 AM, reepex <reepex@...il.com> wrote: > ~$ grep -i grsec draft-ietf-tsvwg-port-randomization-00.txt > ~$ > > as stated by the last person its very strange you do not mention grsecurity > in your > "Survey of the algorithms in use by some popular implementations" Well, it's just *some* popular implementations. I will add a note on grsecurity in the next revision of the draft. > Are you a developer of selinux or a close friend/relative/lover? It is well > known the the selinux developers are in 'grsec/pax denial' (similar to > holocaust denail) and believe that their product, which does protect against > any attacks and leaves many holes for the nsa to exploit in chinese > networks, is superior to pax even though selinux has easily bypassable > stack overflow, kernel vulernablity, and null pointer deference protections. That's not the case here. (And I wasn't even aware of that "denial" you mention). I'd be glad to include a section on both grsec and selinux. If you point me a good reference to each of them, that might speed up the process quite a bit. ;-) Kind regards, Fernando _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists