[Bug 239724] The ping command doesn't randomize ICMP timestamps and allows system time detection

bugzilla-noreply Thu, 08 Aug 2019 12:13:55 -0700

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239724


            Bug ID: 239724
           Summary: The ping command doesn't randomize ICMP timestamps and
                    allows system time detection
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Keywords: patch
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: b...@freebsd.org
          Reporter: gbergl...@gmail.com

Created attachment 206377
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=206377&action=edit
ping(8) patch

The current implementation of ping(8) doesn't randomized ICMP timestamps. The
attached patch addresses this. Due to the applied randomized offset the system
time isn't guessable for an attacker and OS detection is nearly impossible.

This change was inspired by OpenBSDs ping(8) implementation.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 239724] The ping command doesn't randomize ICMP timestamps and allows system time detection

Reply via email to