New Grsec Feature Suggestions

Posted: Fri May 20, 2016 6:42 pm
by bancfc
Hi Spender & PaxTeam. I wanted to propose a few features for Grsec that are relevant beyond the privacy distros like Tails and Whonix (Disclosure: I am a developer of the latter). Convincing upstream Linux to adopt security measures is like smashing one's head against a very large brick wall so I am discussing it here where it counts and so millions of users can potentially benefit.

* TCP Timestamps leak a lot of sensitive data to the network like system uptime and allow attackers to fingerprint users and correlate timestamp leaks in Tor exit traffic with the timestamps in the client -> first hop circuit. Tails and we respond by completely disabling it despite documentation claiming performance problems without it. I recall seeing a patch you wrote for randomizing TCP Timestamps instead which could address privacy concerns but without affecting performance. Is it included in the TCP/IP hardening part of Grsec? ... 04520.html

* nf_conntrack_helper: Tor's Jacob Appelbaum discussed a feature in this module that allows a bunch of legacy protocol parsers in the kernel when they have no business being there. These code paths were exploited before: ... 07537.html

Can these be disabled by the Grsec patch out of the box?

* TCP Initial Sequence Numbers: Under an attacker-controlled CPU load, a server's kernel timers used for TCP ISNs skew at a predictable rate which can be used to deanonymize Hidden Services. Is it possible to randomize the timer output somehow to mitigate this? ... tornot.pdf

Re: New Grsec Feature Suggestions

Posted: Sun May 14, 2017 2:14 pm
by ShenXianMountain
For timestamps, you can disable it via sysctl.

[root@localhost paxtest-0.9.15]# sysctl -a| grep timestamp
net.ipv4.tcp_timestamps = 1
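
An added example, not part of either post: a small audit that reads `sysctl -a`-style output and reports the two sysctl-controllable settings raised in this thread. The function name `audit_sysctl`, the sample input and the choice of 0 as the hardened value for both keys are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the thread): audit the TCP timestamp and
# conntrack-helper sysctls. Reads "key = value" lines on stdin.
# Exit status = number of keys whose value is not the hardened one.
audit_sysctl() {
    awk '
    BEGIN {
        # Assumed hardened values: 0 turns each feature off.
        want["net.ipv4.tcp_timestamps"] = "0"
        want["net.netfilter.nf_conntrack_helper"] = "0"
    }
    {
        n = index($0, "=")
        if (n == 0) next                      # not a key = value line
        key = substr($0, 1, n - 1)
        val = substr($0, n + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key)      # tolerate "k=v" and "k = v"
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key in want) seen[key] = val
    }
    END {
        bad = 0
        for (k in want) {
            if (!(k in seen)) {
                # e.g. module not loaded, or key absent on this kernel
                printf "SKIP %s (key not present)\n", k
            } else if (seen[k] == want[k]) {
                printf "OK   %s = %s\n", k, seen[k]
            } else {
                printf "WARN %s = %s (want %s)\n", k, seen[k], want[k]
                bad++
            }
        }
        exit bad
    }'
}

# Constructed sample: first line is the value shown in the post above,
# the other two are made up for the example.
SAMPLE='net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_syncookies = 1
net.netfilter.nf_conntrack_helper = 0'

printf '%s\n' "$SAMPLE" | audit_sysctl || echo "findings: $?"
```

On a live system, feed it `sysctl -a 2>/dev/null | audit_sysctl`; a WARN for timestamps can be cleared with `sysctl -w net.ipv4.tcp_timestamps=0`.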