lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 20 Aug 2014 10:24:46 +0200
From:	Hagen Paul Pfeifer <hagen@...u.net>
To:	Alexander Holler <holler@...oftware.de>
Cc:	Eric Dumazet <eric.dumazet@...il.com>,
	Christian Grothoff <grothoff@...tum.de>,
	Jacob Appelbaum <jacob@...elbaum.net>,
	Andi Kleen <andi@...stfloor.org>,
	Stephen Hemminger <stephen@...workplumber.org>,
	David Miller <davem@...emloft.net>,
	netdev <netdev@...r.kernel.org>, linux-kernel@...r.kernel.org,
	knock@...net.org
Subject: Re: [PATCH] TCP: add option for silent port knocking with integrity protection

On 19 August 2014 21:36, Alexander Holler <holler@...oftware.de> wrote:

> It doesn't have to work in every environment and it doesn't have to solve
> all existing problems in the world. ;)
>
> But it enables people to protect a bit more against malicious people or
> governments.
>
> And it is really very easy to use. It took me around half an hour to find
> the places in openvpn and openssh where I had to add the setsockopt() call
> and it can be used even easier with preloading libknockify.so.
>
> There can be found much more useless options in the kernel. At least I like
> it and it fits my needs too.

It's not about to add another "useless options", it's about changing
the major transport protocol. You should probably join the IETF
tcpm/tcpinc mailing list where TCP stealth is currently actively
discussed. TCP stealth has problems and you can probably help to
address them on a *technical level* if you like the mechanism.

Hagen
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists