Clock slew vulnerability in FreeBSD?
Anthony Atkielski
atkielski.anthony at wanadoo.fr
Thu Mar 10 19:42:43 PST 2005
Bnonn writes:
> Is this technically a vulnerability, or is it just a side-effect of how
> computers operate?
It's a vulnerability in the sense that it can leak confidential
information about a system's identity. It's not a side-effect of how
computers operate, but rather a side-effect of how most TCP stacks are
implemented.
> I was of the impression that this is quite an unavoidable issue, given
> how it seems to apply to any computer regardless of OS, but I haven't
> researched the issue much myself. Interesting question.
It seems to be unavoidable only in the sense that most operating systems
are not designed to protect against it (yet). I think the claims of the
researchers are overly optimistic, but time will tell.
In any case, in the interest of security, it would be nice to see it
addressed. I read that FreeBSD can be configured to avoid the problem
completely by disabling the timestamps upon which the technique depends,
but I don't remember the details. And if one still wants to use
timestamps, it would be good if they could be used without leaking any
information.
--
Anthony
More information about the freebsd-questions
mailing list