| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Dec 2013 04:07:11 +0100 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: Eric Dumazet <eric.dumazet@...il.com>, Christian Grothoff <grothoff@...tum.de>, Jacob Appelbaum <jacob@...elbaum.net>, Andi Kleen <andi@...stfloor.org>, Stephen Hemminger <stephen@...workplumber.org>, David Miller <davem@...emloft.net>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, knock@...net.org Subject: Re: [PATCH] TCP: add option for silent port knocking with integrity protection On Thu, Dec 12, 2013 at 04:46:37PM +0100, Hannes Frederic Sowa wrote: > On Thu, Dec 12, 2013 at 06:34:24AM -0800, Eric Dumazet wrote: > > With various proposals (like TCP minion), maybe its time to be able to > > implement part of TCP stack in user land (Keep the mux inside the > > kernel, and forward raw incoming packets to user land where all the > > crazy things can be done without kernel patching.) > > Maybe this knocking scheme is implementable with a socket filter and we could > add a switch to tweak drop behaviour. Just fyi, maybe it is useful. I haven't tested it: For the sending side one could craft the handshake by hand (raw/packet sockets) and splice in an already established socket via tcp connection repair. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists