rand_tcp_src_ports isn't working?

Post by AverageUser » Sun Sep 01, 2002 4:51 pm

I'm just getting started with grsecurity-1.9.6-2.4.19.patch.gz and I've come across a problem: Setting rand_tcp_src_ports to 1 seems to do nothing on my machine. It still appears to be generating source port numbers sequentially:

[root@host /proc/sys/kernel/grsecurity]# echo 1 > rand_tcp_src_ports
[root@host /proc/sys/kernel/grsecurity]# cat rand_tcp_src_ports
1
[root@host /proc/sys/kernel/grsecurity]# ssh otherhost 'echo $SSH_CLIENT'
192.168.0.1 32797 22
[root@host /proc/sys/kernel/grsecurity]# ssh otherhost 'echo $SSH_CLIENT'
192.168.0.1 32798 22
[root@host /proc/sys/kernel/grsecurity]# ssh otherhost 'echo $SSH_CLIENT'
192.168.0.1 32799 22


(Notice 32797, 32798, 32799...)

Am I missing something...?

Post by spender » Sun Sep 01, 2002 6:26 pm

Looks like the Linux developers have added some more bloat. Apparently they just switched the function they were using to determine the port for connect to another function, which is basically a duplicate of half of the code in the old function. The problem is fixed in the current CVS. Thanks for pointing that out.

-Brad
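
The manual check in the first post (repeat a connection and compare the client ports) can be scripted. The following is an added example, not part of the original thread or of grsecurity: it samples the source ports of outbound connections to a throwaway loopback listener and flags near-sequential allocation. The function names, the loopback listener and the thresholds are assumptions made for the illustration.

```python
import socket

def classify_ports(ports, max_step=4, threshold=0.8):
    """Classify observed source ports by the share of small positive steps.

    A sequential allocator yields deltas of +1 (or a few, if other
    connections interleave); one large negative delta is expected when
    the counter wraps around the ephemeral range, so a ratio is used
    rather than requiring every delta to be small.
    """
    if len(ports) < 3:
        return "insufficient", 0.0
    deltas = [b - a for a, b in zip(ports, ports[1:])]
    small = sum(1 for d in deltas if 0 < d <= max_step)
    ratio = small / len(deltas)
    return ("sequential" if ratio >= threshold else "randomized"), ratio

def sample_source_ports(count=20, host="127.0.0.1"):
    """Open `count` TCP connections to a temporary listener; return local ports."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))          # port 0: let the kernel pick a listener port
    srv.listen(count)
    ports = []
    try:
        for _ in range(count):
            client = socket.create_connection(srv.getsockname())
            ports.append(client.getsockname()[1])   # the kernel-chosen source port
            peer, _addr = srv.accept()
            peer.close()
            client.close()
    finally:
        srv.close()
    return ports

# Ports reported in the first post of this thread.
PAGE_SAMPLE = [32797, 32798, 32799]
# Constructed samples: a scattered sequence and a sequential one that wraps.
SCATTERED_SAMPLE = [41233, 60017, 35502, 52980, 33871]
WRAPPED_SAMPLE = [60998, 60999, 61000, 32768, 32769, 32770]

if __name__ == "__main__":
    print("page sample:", classify_ports(PAGE_SAMPLE))
    observed = sample_source_ports()
    print("this host  :", observed, classify_ports(observed))
```

The verdict only describes the connections that were sampled (here, one loopback destination), so repeat it against the destination you care about before drawing conclusions.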