Re: /dev/random in 2.4.6

From: Tim Walberg (twalberg@mindspring.com)
Date: Wed Aug 15 2001 - 11:29:47 EST


I may be wrong here - haven't looked at the source lately -
and I'm sure someone will correct me if I am, but I don't
think that network interrupts in general contribute to
the random driver, the theory being that an attacker
could carefully time the packets sent and thus possibly
influence the entropy pool in some way that would gain
some advantage. I don't think this has been proven, just
that network interrupts are not used because of general
paranoia to that effect. The sources I know of that contribute
to the entropy pool are keyboard and mouse interrupts (and
scancodes and pointer positions), some block device timing
information and some other interrupts. Actually, a quick
perusal of 2.4.8-ac3 shows that the sk_mca, 3c523, and ibmlana
network drivers seem to be the only other drivers that
include the SA_SAMPLE_RANDOM bit in their interrupt processing.

So, my guess is that on a system without mouse and keyboard,
you may need to do something (low priority-ish to minimize
performance impact) that generates a fair amount of disk activity
in order to keep the entropy pool full (unless you happen to have
one of the above network drivers).

                        tw

-- 
twalberg@mindspring.com
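The post suggests watching the entropy pool on a headless box and generating low-priority disk activity when it runs low. The following script is an added example, not code from the post or from the kernel: it reads the procfs counters Linux exposes for the pool, classifies the level against a threshold, and runs a nice'd read pass when the pool is low. The file paths are the real procfs names; the 25% threshold and the /usr read target are assumed values chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check the kernel entropy pool
# and, when it is low, do a low-priority disk read pass as the post suggests.
# Assumes Linux procfs; the threshold and read target are assumed values.

ENTROPY_AVAIL_FILE=/proc/sys/kernel/random/entropy_avail
POOLSIZE_FILE=/proc/sys/kernel/random/poolsize
THRESHOLD_PCT=25          # assumed: "low" means under a quarter of the pool
READ_TARGET=/usr          # assumed: a tree large enough to cause real reads

# classify_entropy AVAIL POOLSIZE PCT
# Prints "low" when AVAIL is below PCT percent of POOLSIZE, else "ok".
# Pure function (integer arithmetic only) so it can be checked offline.
classify_entropy() {
    avail=$1
    poolsize=$2
    pct=$3
    if [ "$avail" -lt $(( poolsize * pct / 100 )) ]; then
        echo low
    else
        echo ok
    fi
}

# read_entropy_state
# Prints "<avail> <poolsize>" from procfs; falls back to 0/4096 if the
# files are unreadable so the caller still gets two integers.
read_entropy_state() {
    avail=$(cat "$ENTROPY_AVAIL_FILE" 2>/dev/null || echo 0)
    poolsize=$(cat "$POOLSIZE_FILE" 2>/dev/null || echo 4096)
    echo "$avail $poolsize"
}

# stir_disk
# One pass of reads at the lowest scheduler priority. Reads served from the
# page cache generate no disk interrupts, so "sync" first and accept that a
# warm cache limits how much this helps.
stir_disk() {
    sync
    nice -n 19 find "$READ_TARGET" -type f -size -1M -exec cat {} + \
        >/dev/null 2>&1 || true
}

# check_once
# Reads the pool state, prints "<avail>/<poolsize> <status>", and stirs
# the disk when the status is "low".
check_once() {
    set -- $(read_entropy_state)
    status=$(classify_entropy "$1" "$2" "$THRESHOLD_PCT")
    echo "$1/$2 $status"
    if [ "$status" = low ]; then
        stir_disk
    fi
}

# Run as a loop only when invoked as "entropy-watch.sh run"; sourcing or
# running without the argument defines the functions and exits.
if [ "${1:-}" = "run" ]; then
    while :; do
        check_once
        sleep 30
    done
fi
```

Two caveats when using this. First, the counters are only meaningful on kernels of the era discussed here: later kernels dropped the per-driver SA_SAMPLE_RANDOM flag in favour of sampling timing from all interrupts, and from Linux 5.6 /dev/random no longer blocks once the pool is initially seeded, so a low entropy_avail is no longer a read-blocking condition. Second, the script only drives disk activity; it does not write into the pool itself, which keeps it safe to run unprivileged but also means a headless VM with no real disk timing to sample still needs a hardware or virtio RNG rather than this workaround.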




