[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [DSA 1605-1] DNS vulnerability impact on the libc stub resolver

On Mon, 11 Aug 2008 19:25:17 +0200
Moritz Muehlenhoff <jmm@inutil.org> wrote:
> The Linux kernel implements UDP source port randomisation since 2.6.24:
> | This patch causes UDP port allocation to be randomized like TCP.
> | The earlier code would always choose same port (ie first empty list).
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=32c1da70810017a98aa6c431a5494a302b6b9a30

 I met Yoshifuji (Usagi - IPv6 for Linux kernel - maintainer) and 
 asked him this issue, he said "I'm not sure about cryptography,
 it's not so strong randomization, but 'better than nothing', I think".


 Hideki Yamane     henrich @ debian.or.jp/iijmio-mail.jp

Reply to: