Network Randomness Future Work Better TCP ISN and Timestamp generators to combat tuple reuse Probably something based on RFC1948, but with the ability to re-key Implementing PAWS checks in the TCP stack as in PF Looking at tracking least-recently-used ephemeral source ports selecting ephemeral ports randomly from those Looking at exposing the PF state table elsewhere in the kernel src ports only need to be unique for (dst ip, dst port, src ip) tuple