# New kernel knock patch against NSA port scanning

## Benjamin1

There is this new revelation

http://www.heise.de/ct/artikel/NSA-GCHQ-The-HACIENDA-Program-for-Internet-Colonization-2292681.html

that the NSA and GCHQ are doing massive port scanning in order to hack thousands of servers, which they use to hide their tracks when they attack their real targets.

In the article above, there is also a new knock patch proposed for the Linux kernel that can at least minimize the attack surface a bit.

I think Gentoo should include this patch.

----------

## toralf

Why ?

It is still experimental.

That patch doesn't improve privacy as long as applications don't use port knocking. And people who use port knocking techniques already have enough knowledge to patch the kernel using epatch().

----------

## Benjamin1

Well, as you say, it is experimental, and Gentoo is a more experimental distro.

Furthermore, the patch does not seem to damage anything. As you write, it provides a new function that applications have to make use of.

And that is why the patch should get into the kernel soon. Applications will use this function more often when it is regularly included in the kernels of the distros.

Certainly, an application using this function can provide its own kernel patch, and a user can apply it manually. But once this is shipped in the kernel regularly, more applications will make use of it in a shorter time.

Indeed, I would not propose to include it in, say, Debian stable, yet. But some distro should start offering these features so that more applications will use them and they are integrated faster into the main Linux kernel tree...

----------