Re: [Tails-dev] Reducing attack surface of kernel and tighte…

Delete this message

Reply to this message
Author: Oliver-Tobias Ripka
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Reducing attack surface of kernel and tightening firewall/sysctls
According to anonym on Thu, Dec 11 2014:
> So, in addition to "proto tcp", how does "--syn" compare to "state NEW"?
> Actually, what is it we are trying to defend against here? Is there any
> conceivable attack vector based on sending non-syn packets for
> non-ESTABLISHED (i.e. NEW) TCP streams?

Ok... aside from the defence-in-depth and the "it is a good idea to harden
everyhting argument" ...

One constructed theoratical scenario we would defend against is a bug in
a specific Tor client or specific Kernel version that does not follow
the TCP protocol and sends e.g. a SYN/ACK before a SYN. This would allow
provide an attacker against Tor users to have an easier time to
deanonymize users of this buggy stack because of this version anomaly
that is visible on the network. Implementing the NEW state would
prohibit such leaks.