Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Random Sequence Numbers
From: peter.jeremy () ALCATEL COM AU (Peter Jeremy)
Date: Thu, 10 Feb 2000 09:06:08 +1100

On 2000-Feb-09 20:27:08 +1100, Omachonu Ogali <oogali () intranova net> wrote:
I don't know if anyone else attempted, but I whipped up a little patch for
FreeBSD that randomizes the sequence/acknowledgment numbers sent by TCP
instead of incrementing it by one each time. Apply using 'patch'.

Note that the patch is using libkern/random().  This function is a
simple, multiplicative PNRG with 32-bits of state (all of which is
`leaked' via its return value.  Whilst the change might be better than
a simple increment/decrement, I don't believe it provides any real
security (especially in view of the %=2 operations).


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]