|
|
About ::
TODO ::
Blog ::
RSS ::
Old blog ::
Projects ::
GIT ::
Gallery ::
Notes
Thu, 15 Jun 2006
Alternative TCP/IP stack.
I've implemented TCP MSS and timestamp options (without PAWS receiving check),
although the latter does not work with acknowledges yet.
That's how passive OS fingerprinting,
which I ported to netfilter as OSF,
recognized my stack:
Your address is: xxx.xxx.xxx.xxx
Your system is recognized as:
xxx.xxx.xxx.xxx:1111 - UNKNOWN [4096:51:1:56:T,N,N,M1460:Z:?:?] (up: 3195 hrs) ->
213.134.128.25:80 (link: ethernet/modem)
P0f did not recognize your system.
We would really appreciate if you could tell us more about the system using the form below.
Thanks!
I can even tune it to look like windows or something like palm.
What is really missing in my implementation is retransmit queue, which is my main goal now.
/devel/networking :: Link / Comments ()
Acrypto development.
Some brain-damaged hardware (like IXP4xx crypto processors)
can not handle key exchange in run-time, so they must be somehow called
before sessions with new key are queued for processing.
Yakov Lerner (iler.ml_gmail.com) gave me idea of so called crypto contexts,
which holds information about crypto operations performed for given
context, for example key and mode for IPsec or dm-crypt.
That context can be created when new crypto user wants to start crypto
processing, and allow to notify about various events all drivers, which
are registered for those notifications. With above design IXP4xx hardware
can register itself for key change notification, which generally happens
in process context at least in dm-crypt and IPsec, and update it's
hardware structures to be capable to process flow of crypto requests.
I've released new combined patchsets for 2.6.15 and 2.6.16 trees with above
concept imeplemented. Patches can be
found in archive.
/devel/acrypto :: Link / Comments ()
|