Gentoo Forums
New kernel knock patch against NSA port scanning
Benjamin1
Tux's lil' helper


Joined: 11 Aug 2003
Posts: 98

Posted: Fri Aug 15, 2014 3:03 pm    Post subject: New kernel knock patch against NSA port scanning

There is this new revelation

http://www.heise.de/ct/artikel/NSA-GCHQ-The-HACIENDA-Program-for-Internet-Colonization-2292681.html

that NSA and GCHQ are doing massive port scanning in order to hack thousands of servers which they use to hide their tracks when they attack their real targets.

In the article above, there is also a new knock patch proposed for the linux kernel that can at least minimize the attack surface a bit.

I think gentoo should include this patch.
toralf
Developer


Joined: 01 Feb 2004
Posts: 3647
Location: Hamburg

Posted: Fri Aug 15, 2014 4:19 pm    Post subject:

Why?

It is still experimental.

That patch doesn't improve privacy as long as applications don't use port knocking. And people who use port knocking techniques already have enough knowledge to patch the kernel using epatch().
Benjamin1
Tux's lil' helper


Joined: 11 Aug 2003
Posts: 98

Posted: Fri Aug 15, 2014 8:25 pm    Post subject:

Well, as you say, it is experimental, and gentoo is a more experimental distro.

Furthermore, the patch does not seem to damage anything. As you write, it provides a new function that applications have to make use of.

And that is why the patch should get into the kernel soon. Applications will use this function more often when it is regularly included in the kernel of the distros.

Certainly, an application using this function can provide its own kernel patch, and a user can put it in manually. But once this is shipped in the kernel regularly more applications will make use of this in shorter time.

Indeed, I would not propose to include it in, say, Debian stable, yet. But some distro should start offering these features so that more applications will use it and so that it is integrated faster into the main Linux kernel tree...