View previous topic :: View next topic |
Author |
Message |
Benjamin1 Tux's lil' helper
Joined: 11 Aug 2003 Posts: 98
|
Posted: Fri Aug 15, 2014 3:03 pm Post subject: New kernel knock patch against NSA port scanning |
|
|
There is this new revelation
http://www.heise.de/ct/artikel/NSA-GCHQ-The-HACIENDA-Program-for-Internet-Colonization-2292681.html
that NSA and GCHQ are doing massive port scanning in order to hack thousands of servers which they use to hide their tracks when they attack their real targets.
In the article above, there is also a new knock patch proposed for the linux kernel that can at least minimize the attack surface a bit.
I think gentoo should include this patch. |
|
Back to top |
|
|
toralf Developer
Joined: 01 Feb 2004 Posts: 3922 Location: Hamburg
|
Posted: Fri Aug 15, 2014 4:19 pm Post subject: |
|
|
Why ?
It is still experimental.
That patch doesn't improve privacy as long as applications don't use port knocking. And people who use port knocking techniques do already have enough knowledge to patch kernel using epatch(). |
|
Back to top |
|
|
Benjamin1 Tux's lil' helper
Joined: 11 Aug 2003 Posts: 98
|
Posted: Fri Aug 15, 2014 8:25 pm Post subject: |
|
|
Well, as you say, it is experimental, and gentoo is a more experimental distro.
Furthermore, the patch does not seem to damage anything. As you write, it provides a new function that applications have to make use of.
And that is why the patch should get in the kernel soon. Applications will use this function more often, when it is regularly included in the kernel of the distros.
Certainly, an application using this function can provide its own kernel patch, and a user can put it in manually. But once this is shipped in the kernel regularly more applications will make use of this in shorter time.
Indeed, I would not propose to include it in, say, debian stable, yet. But some distro should start offering these features so that more applications will use it and that it is integrated faster into the main linux kernel three... |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|