tcp: syncookies: reduce mss table to four values
authorFlorian Westphal <fw@strlen.de>
Fri, 20 Sep 2013 20:32:56 +0000 (22:32 +0200)
committerDavid S. Miller <davem@davemloft.net>
Tue, 24 Sep 2013 14:39:58 +0000 (10:39 -0400)
commit086293542b991fb88a2e41ae7b4f82ac65a20e1a
tree5f868e340b74cc03ee7f7f19fd12af0c08a422a8
parent8c27bd75f04fb9cb70c69c3cfe24f4e6d8e15906
tcp: syncookies: reduce mss table to four values

Halve mss table size to make blind cookie guessing more difficult.
This is sad since the tables were already small, but there
is little alternative except perhaps adding more precise mss information
in the tcp timestamp.  Timestamps are unfortunately not ubiquitous.

Guessing all possible cookie values still has 8-in 2**32 chance.

Reported-by: Jakob Lell <jakob@jakoblell.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/syncookies.c
net/ipv6/syncookies.c