FreeBSD && TCP stealth
Matthias Apitz
guru at unixarea.de
Mon Oct 20 07:25:33 UTC 2014
Hello,
Is there any work started or in progress to implement TCP stealth in our
kernel as proposed to IETF in
https://datatracker.ietf.org/doc/draft-kirsch-ietf-tcp-stealth/
The idea is that the client put some magic value in the ISN of the first
SYN pkg which is derived from a secret the client and the server share.
The server can check the ISN and decide if it will answer the SYN pkg or
do a RST, for example.
Vy 73
matthias
--
Matthias Apitz | /"\ ASCII Ribbon Campaign:
E-mail: guru at unixarea.de | \ / - No HTML/RTF in E-mail
WWW: http://www.unixarea.de/ | X - No proprietary attachments
phone: +49-170-4527211 | / \ - Respect for open standards
| en.wikipedia.org/wiki/ASCII_Ribbon_Campaign
More information about the freebsd-current
mailing list