On 03/06/15 20:27, Adam Borowski wrote:
>
> It looks like Knock breaks everything TCP SQN is used for.
>
*** You obviously didn't read the paper and are happily FUDing like it's
Pearl Harbor. Knock only changes the Initial Sequence Number of the TCP
packet, overriding the default MD5 hash used in the stock kernel to use
something meaningful to both the client and the server. It doesn't
change anything about how TCP works.
I'm looking forward to see this patch packaged.
==
hk
--
_ _ We are free to share code and we code to share freedom
(_X_)yne Foundation, Free Culture Foundry * https://www.dyne.org/donate/