Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: DakaRand
From: Dan Kaminsky <dan () doxpara com>
Date: Mon, 20 Aug 2012 09:35:54 -0700

On Mon, Aug 20, 2012 at 9:29 AM, Paul Schmehl <pschmehl_lists () tx rr com>wrote:

--On August 20, 2012 8:32:59 AM -0700 Dan Kaminsky <dan () doxpara com>

On Mon, Aug 20, 2012 at 8:29 AM, Paul Schmehl <pschmehl_lists () tx rr com>

--On August 20, 2012 2:22:28 AM -0700 Dan Kaminsky <dan () doxpara com>

May I ask what FreeBSD's entropy sources are?

I'm surprised you don't already know.  From device noise.

Which class?  There are many sorts of said noise (most of which I
believe actually work).

The long answer is look at /usr/src/sys/sys/random.h.

The short answer is:
/* Allow the sysadmin to select the broad category of
* entropy types to harvest
struct harvest_select {
        int ethernet;
        int point_to_point;
        int interrupt;
        int swi;

swi is software interrupt handlers.  interrupt is hardware interrupts
(e.g. usb, pci, etc.)

Neat.  What's the default, and what does it mine?  Count?  Nanosecond time?

*If* you install a hardware PRNG, FreeBSD will use that instead (by


Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]