File:  [NetBSD Developer Wiki] / wikisrc / projects / project / rfc6056.mdwn
Sun Nov 6 01:59:12 2011 UTC (2 years, 5 months ago) by jmmv
Branches: MAIN
CVS tags: HEAD
Move existing project definitions from projects/gsoc_2011/ to
projects/project/ .

The goal for this reorganization is to remove any knowledge of the projects
classification from the file hierarchy: the classification goes into tags,
and projects indexes automatically list projects based on such tags.

Also, the current gsoc_2011 name was wrong anyway, because GSoC 2011 has
already concluded and projects would have had to move to a gsoc_2012 directory.

Lastly, yes, "projects/project/*" is slightly redundant.  But I want to keep
the project lists from the projects "database" clearly separated.

This is as proposed in www@.

[[!template id=project

title="Implement RFC 6056: 'Recommendations for Transport-Protocol Port Randomization'"


Alistair G. Crooks

duration="3 months"

When using connect(2) to connect the client end of a socket, the system will choose the next local port number for the socket on your behalf. Having an easily guessed port number can allow various attacks to take place. Choosing the next port number at random, whilst not perfect, gives more protection against these attacks.
RFC 6056 gives an excellent overview of the algorithms in use when "randomising source ports", giving examples from FreeBSD, OpenBSD and Linux.

This project has a number of goals:

* Evaluate and prioritise the algorithms in RFC 6056.
* Implement the algorithms in RFC 6056, and make it possible to choose between them with sysctl.
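
To illustrate the difference the description above refers to, here is an added user-space C sketch (not NetBSD code and not part of the original project page) contrasting sequential port allocation with RFC 6056's Algorithm 1, simple port randomization. The port range, the in-use bitmap and all function names are assumptions made for the example; a kernel implementation would draw `rnd` from its own strong random source.

```c
#include <stdint.h>
#include <stdio.h>

#define PORT_MIN 49152u   /* constructed ephemeral range for the example */
#define PORT_MAX 65535u

/* Hypothetical stand-in for the kernel's "is this port usable?" check:
 * one bit per port, set when the port is already bound. */
static uint8_t in_use[65536 / 8];
static int port_is_free(uint16_t p) { return !(in_use[p >> 3] & (1u << (p & 7))); }
static void mark_in_use(uint16_t p) { in_use[p >> 3] |= (uint8_t)(1u << (p & 7)); }

/* Traditional behaviour: hand out ports in order, so one observed
 * source port predicts the next one. */
static uint32_t next_seq = PORT_MIN;
uint16_t select_port_sequential(void) {
    uint32_t n = PORT_MAX - PORT_MIN + 1;
    for (uint32_t count = n; count > 0; count--) {
        uint16_t port = (uint16_t)next_seq;
        next_seq = (next_seq == PORT_MAX) ? PORT_MIN : next_seq + 1;
        if (port_is_free(port))
            return port;
    }
    return 0; /* range exhausted */
}

/* RFC 6056 Algorithm 1: start at a random point in the range, then
 * probe linearly (with wrap-around) until a free port is found.
 * `rnd` must come from a cryptographically strong generator; it is a
 * parameter here so the example stays deterministic and testable. */
uint16_t select_port_random(uint32_t rnd) {
    uint32_t n = PORT_MAX - PORT_MIN + 1;
    uint32_t port = PORT_MIN + (rnd % n);
    for (uint32_t count = n; count > 0; count--) {
        if (port_is_free((uint16_t)port))
            return (uint16_t)port;
        port = (port == PORT_MAX) ? PORT_MIN : port + 1;
    }
    return 0; /* every port in the range is taken */
}

int main(void) {
    mark_in_use(49160);   /* constructed: pretend 49160 is already bound */
    uint16_t s1 = select_port_sequential(), s2 = select_port_sequential();
    printf("sequential: %u %u\n", s1, s2);
    printf("random:     %u\n", select_port_random(8));
    return 0;
}
```

The linear probe after the random starting point is what makes Algorithm 1 "not perfect": when many ports are in use, the ports just after a busy run are chosen more often than others.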

[[!tag gsoc]]
[[!tag easy]]
[[!tag kernel]]
