Figure 2 Random TCP source ports (CONFIG_GRKERNSEC_RANDSRC)
[root@grsecurity root]# tcpdump -i lo dst port 5000 -w /tmp/output -c 2 &
[1] 14764
tcpdump: listening on lo
[root@grsecurity root]# telnet localhost 5000
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
[root@grsecurity root]# telnet localhost 5000
Trying 127.0.0.1...
4 packets received by filter
0 packets dropped by kernel
telnet: connect to address 127.0.0.1: Connection refused
[1]+ Done tcpdump -i lo dst port 5000 -w /tmp/output
-c 2
[root@grsecurity root]# tcpdump -r /tmp/output
14:24:36.567312 localhost.50690 > localhost.5000: S
4010487236:4010487236(0) win 32767 <mss 16396,sackOK,timestamp 22457739
0,nop,wscale 0> (DF) [tos 0x10]
14:24:37.529007 localhost.33211 > localhost.5000: S
3051702410:3051702410(0) win 32767 <mss 16396,sackOK,timestamp 22457836
0,nop,wscale 0> (DF) [tos 0x10]
---
[root@no-grsecurity root]# tcpdump -i lo dst port 5000 -w /tmp/output -c 2 &
[1] 26922
tcpdump: listening on lo
[root@d=no-grsecurity root]# telnet localhost 5000
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
[root@no-grsecurity root]# telnet localhost 5000
Trying 127.0.0.1...
4 packets received by filter
0 packets dropped by kernel
telnet: connect to address 127.0.0.1: Connection refused
[1]+ Done tcpdump -i lo dst port 5000 -w /tmp/output
-c 2
[root@no-grsecurity root]# tcpdump -r /tmp/output
14:26:59.225768 localhost.localdomain.48533 >
localhost.localdomain.5000: S 3264532978:3264532978(0) win 32767 <mss
16396,sackOK,timestamp 95383280 0,nop,wscale 0> (DF) [tos 0x10]
14:26:59.922787 localhost.localdomain.48534 >
localhost.localdomain.5000: S 3264231394:3264231394(0) win 32767 <mss
16396,sackOK,timestamp 95383350 0,nop,wscale 0> (DF) [tos 0x10]
|