tech-net archive
Re: TCP timestamp starting value (wa: A strange TCP timestamp problem?)
On Wed, Jul 20, 2016 at 06:43:53PM +0200, Edgar Fuß wrote:
> The starting value of 1 was chosen (over some form of uptime as other OSes do)
> in order not to leak any information about the system's uptime. The same can
> be achieved by using something proportional to real time.
> The attached patch implements that (with an arbitrary offset to prevent
> near-time 32-bit-overflow). The same could be achieved, of course, by simply
> sampling real time at TCP stack initialization; however, the suggested patch
> is less intrusive and would allow for run-time tweaking.
Wouldn't a better idea be to compute HASH(cookie,src,dst) + uptime for
some random cookie created at boot time? Essentially, you give each
target a unique monotonic time base, without leaking any data about the
perceived local time.
Joerg
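
The HASH(cookie,src,dst) + uptime scheme suggested above, as an added example that is not part of the original message or of any NetBSD code. It assumes IPv4 addresses packed into 32-bit integers and uses SipHash-2-4 as the keyed hash; the names `ts_secret`, `ts_offset` and `tcp_ts_value` are hypothetical, and the cookie and addresses in `main` are constructed sample values.

```c
#include <stdint.h>
#include <stdio.h>

#define ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
    v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
    v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2; \
    v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0; \
    v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); \
} while (0)

/* SipHash-2-4 specialised to a single 8-byte message word m. */
static uint64_t siphash_8(uint64_t k0, uint64_t k1, uint64_t m)
{
    uint64_t v0 = k0 ^ 0x736f6d6570736575ULL;
    uint64_t v1 = k1 ^ 0x646f72616e646f6dULL;
    uint64_t v2 = k0 ^ 0x6c7967656e657261ULL;
    uint64_t v3 = k1 ^ 0x7465646279746573ULL;
    uint64_t b = (uint64_t)8 << 56;          /* message length in top byte */
    v3 ^= m; SIPROUND; SIPROUND; v0 ^= m;
    v3 ^= b; SIPROUND; SIPROUND; v0 ^= b;
    v2 ^= 0xff;
    SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

struct ts_secret { uint64_t k0, k1; };  /* random cookie, drawn once at boot */

/* Per-peer time base: keyed hash of the address pair, truncated to 32 bits. */
uint32_t ts_offset(const struct ts_secret *s, uint32_t src, uint32_t dst)
{
    return (uint32_t)siphash_8(s->k0, s->k1, ((uint64_t)src << 32) | dst);
}

/* Timestamp value sent to one peer; unsigned addition wraps modulo 2^32. */
uint32_t tcp_ts_value(const struct ts_secret *s, uint32_t src,
                      uint32_t dst, uint32_t uptime_ticks)
{
    return ts_offset(s, src, dst) + uptime_ticks;
}

int main(void)
{
    struct ts_secret s = { 0x0706050403020100ULL, 0x0f0e0d0c0b0a0908ULL }; /* constructed */
    uint32_t src = 0xC0000201u, p1 = 0xC6336407u, p2 = 0xCB007109u;       /* constructed */
    printf("peer 1 at tick 1000: %u\n", (unsigned)tcp_ts_value(&s, src, p1, 1000));
    printf("peer 2 at tick 1000: %u\n", (unsigned)tcp_ts_value(&s, src, p2, 1000));
    return 0;
}
```

Each peer sees a clock that advances with uptime, but without the cookie the offset cannot be subtracted to recover the uptime itself or to correlate the values seen by two different peers.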