[Full-disclosure] TCP Port randomization paper
Fernando Gont
fernando.gont at gmail.com
Tue Dec 11 22:55:21 GMT 2007
On Dec 9, 2007 2:20 AM, reepex <reepex at gmail.com> wrote:
> ~$ grep -i grsec draft-ietf-tsvwg-port-randomization-00.txt
> ~$
>
> as stated by the last person its very strange you do not mention grsecurity
> in your
> "Survey of the algorithms in use by some popular implementations"
Well, it's just *some* popular implementations. I will add a note on
grsecurity in the next revision of the draft.
> Are you a developer of selinux or a close friend/relative/lover? It is well
> known the the selinux developers are in 'grsec/pax denial' (similar to
> holocaust denail) and believe that their product, which does protect against
> any attacks and leaves many holes for the nsa to exploit in chinese
> networks, is superior to pax even though selinux has easily bypassable
> stack overflow, kernel vulernablity, and null pointer deference protections.
That's not the case here. (And I wasn't even aware of that "denial"
you mention).
I'd be glad to include a section on both grsec and selinux. If you
point me a good reference to each of them, that might speed up the
process quite a bit. ;-)
Kind regards,
Fernando
Full-Disclosure is hosted and sponsored by Secunia.