|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Random Sequence Numbers
From: Peter Jeremy (peter.jeremy
alcatel.com.au)Date: Wed Feb 09 2000 - 16:06:08 CST
- Next message: skalir scalar: "Unauthorized Access..."
- Previous message: editorSkiBumNews.com: "Trade Hot Links"
- In reply to: Omachonu Ogali: "Random Sequence Numbers"
- Next in thread: Lowell Gilbert: "Re: Random Sequence Numbers"
- Reply: Peter Jeremy: "Re: Random Sequence Numbers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 2000-Feb-09 20:27:08 +1100, Omachonu Ogali <oogaliintranova.net> wrote:
>I don't know if anyone else attempted, but I whipped up a little patch for
>FreeBSD that randomizes the sequence/acknowledgment numbers sent by TCP
>instead of incrementing it by one each time. Apply using 'patch'.
Note that the patch is using libkern/random(). This function is a
simple, multiplicative PNRG with 32-bits of state (all of which is
`leaked' via its return value. Whilst the change might be better than
a simple increment/decrement, I don't believe it provides any real
security (especially in view of the %=2 operations).
Peter
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: skalir scalar: "Unauthorized Access..."
- Previous message: editorSkiBumNews.com: "Trade Hot Links"
- In reply to: Omachonu Ogali: "Random Sequence Numbers"
- Next in thread: Lowell Gilbert: "Re: Random Sequence Numbers"
- Reply: Peter Jeremy: "Re: Random Sequence Numbers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]