1. 05 May, 2003 1 commit
  2. 04 May, 2003 2 commits
  3. 03 May, 2003 10 commits
  4. 02 May, 2003 3 commits
  5. 03 May, 2003 20 commits
  6. 02 May, 2003 4 commits
    • Arnaldo Carvalho de Melo's avatar
      o net: improve the current module infrastructure · cfc7551c
      Arnaldo Carvalho de Melo authored
      As per discussions in netdev we'll probably be moving to a brand new scheme, but this
      set of changesets have been discussed and are an improvement to the current situation
      and were already done prior to this thread happening.
      cfc7551c
    • David S. Miller's avatar
      [IPV4]: Fix typo in hashing changes. · d7920faf
      David S. Miller authored
      d7920faf
    • David S. Miller's avatar
      [IPV4]: Fix ip_rt_acct reading. · 6d35bbea
      David S. Miller authored
      6d35bbea
    • David S. Miller's avatar
      [NET]: Fix hashing exploits in ipv4 routing, IP conntrack, and TCP synq. · 8b1309d9
      David S. Miller authored
      Several hash table implementations in the networking were
      remotely exploitable.  Remote attackers could launch attacks
      whereby, using carefully choosen forged source addresses, make
      every routing cache entry get hashed into the same hash chain.
      
      Netfilter's IP conntrack module and the TCP syn-queue implementation
      had identical vulnerabilities and have been fixed too.
      
      The choosen solution to the problem involved using Bob's Jenkins
      hash along with a randomly choosen input.  For the ipv4 routing
      cache we take things one step further and periodically choose a
      new random secret.  By default this happens every 10 minutes, but
      this is configurable by the user via sysctl knobs.
      8b1309d9