Re: TCP Port randomization paper

["Fernando Gont" <fernando.gont () gmail com>]

On Dec 9, 2007 2:20 AM, reepex <reepex () gmail com> wrote:

> ~$ grep -i grsec draft-ietf-tsvwg-port-randomization-00.txt
> ~$
>
> as stated by the last person its very strange you do not mention grsecurity
> in your
> "Survey of the algorithms in use by some popular implementations"

Well, it's just *some* popular implementations. I will add a note on
grsecurity in the next revision of the draft.



> Are you a developer of selinux or a close friend/relative/lover? It is well
> known the the selinux developers are in 'grsec/pax denial' (similar to
> holocaust denail) and believe that their product, which does protect against
> any attacks and leaves many holes for the nsa to exploit in chinese
> networks, is superior to pax even though selinux  has easily bypassable
> stack overflow, kernel vulernablity, and null pointer deference protections.

That's not the case here. (And I wasn't even aware of that "denial"
you mention).

I'd be glad to include a section on both grsec and selinux. If you
point me a good reference to each of them, that might speed up the
process quite a bit. ;-)

Kind regards,
Fernando

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/