File:  [NetBSD Developer Wiki] / wikisrc / projects / project / rfc6056.mdwn
Revision 1.2
Sun Nov 6 14:48:47 2011 UTC by jmmv
Branches: MAIN
CVS tags: HEAD
Define the per-project category and difficulty at the template level,
instead of manually tagging the project pages.  While doing this, prefix
the tags with "category:" and "difficulty:" to make them easier to

[[!template id=project

title="Implement RFC 6056: 'Recommendations for Transport-Protocol Port Randomization'"


[Alistair G. Crooks](

duration="3 months"

When using connect(2) to connect the client end of a socket, the system will choose the local port number of the socket for you. An easily guessed port number can allow various attacks to take place. Choosing the next port number at random, whilst not perfect, gives more protection against these attacks.
RFC 6056 gives an excellent overview of the algorithms in use when "randomising source ports", giving examples from FreeBSD, OpenBSD and Linux.

This project has a number of goals:

* Evaluate and prioritise the algorithms in RFC 6056.
* Implement the algorithms in RFC 6056, and make it possible to choose between them with sysctl.
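
As an added illustration (not NetBSD code and not part of the original project page), this userland C sketch contrasts sequential port selection with RFC 6056's Algorithm 1 (simple port randomization). The port range, the `in_use` bitmap and all function names are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed range (IANA dynamic ports): 16384 values, a power of two, so the
 * "% NUM_EPHEMERAL" below introduces no modulo bias for a 32-bit input. */
#define MIN_EPHEMERAL 49152u
#define MAX_EPHEMERAL 65535u
#define NUM_EPHEMERAL (MAX_EPHEMERAL - MIN_EPHEMERAL + 1u)

/* Hypothetical stand-in for the kernel's table of bound local ports. */
static uint8_t in_use[65536 / 8];
static int port_free(uint32_t p) { return !(in_use[p >> 3] & (1u << (p & 7))); }
static int port_take(uint32_t p) { in_use[p >> 3] |= (uint8_t)(1u << (p & 7)); return (int)p; }

/* Start at MIN_EPHEMERAL + (offset mod range), probe upwards with wrap-around
 * and claim the first free port; -1 when the whole range is exhausted. */
static int claim_from(uint32_t offset)
{
    uint32_t port = MIN_EPHEMERAL + offset % NUM_EPHEMERAL;
    for (uint32_t count = NUM_EPHEMERAL; count > 0; count--) {
        if (port_free(port))
            return port_take(port);
        port = (port == MAX_EPHEMERAL) ? MIN_EPHEMERAL : port + 1;
    }
    return -1;
}

/* Predictable baseline: each call continues right after the previous port. */
static uint32_t seq_offset;
int select_sequential(void)
{
    int port = claim_from(seq_offset);
    if (port >= 0) seq_offset = (uint32_t)port - MIN_EPHEMERAL + 1;
    return port;
}

/* RFC 6056 Algorithm 1: random starting point, then the same linear probe.
 * 'r' must come from an unpredictable source (a CSPRNG in a real kernel). */
int select_random(uint32_t r) { return claim_from(r); }

int main(void)
{
    uint32_t r = 0;
    FILE *f = fopen("/dev/urandom", "rb");  /* demo entropy source only */
    if (f == NULL || fread(&r, sizeof r, 1, f) != 1) return 1;
    int a = select_sequential(), b = select_sequential();
    printf("sequential: %d %d  random: %d\n", a, b, select_random(r));
    return 0;
}
```

The sequential selector always yields consecutive ports, so an observer who sees one connection knows the next port; with Algorithm 1 only the collision fallback is sequential.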

[[!tag gsoc]]
