[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] TCP Port randomization paper
- To: reepex <reepex@xxxxxxxxx>
- Subject: Re: [Full-disclosure] TCP Port randomization paper
- From: "Fernando Gont" <fernando.gont@xxxxxxxxx>
- Date: Tue, 11 Dec 2007 19:55:21 -0300
On Dec 9, 2007 2:20 AM, reepex <reepex@xxxxxxxxx> wrote:
> ~$ grep -i grsec draft-ietf-tsvwg-port-randomization-00.txt
> ~$
>
> as stated by the last person its very strange you do not mention grsecurity
> in your
> "Survey of the algorithms in use by some popular implementations"
Well, it's just *some* popular implementations. I will add a note on
grsecurity in the next revision of the draft.
> Are you a developer of selinux or a close friend/relative/lover? It is well
> known the the selinux developers are in 'grsec/pax denial' (similar to
> holocaust denail) and believe that their product, which does protect against
> any attacks and leaves many holes for the nsa to exploit in chinese
> networks, is superior to pax even though selinux has easily bypassable
> stack overflow, kernel vulernablity, and null pointer deference protections.
That's not the case here. (And I wasn't even aware of that "denial"
you mention).
I'd be glad to include a section on both grsec and selinux. If you
point me a good reference to each of them, that might speed up the
process quite a bit. ;-)
Kind regards,
Fernando
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/