[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-users] Re: [lwip] TCP sequence number attacks
From: |
Adam Dunkels |
Subject: |
[lwip-users] Re: [lwip] TCP sequence number attacks |
Date: |
Thu, 09 Jan 2003 01:17:38 -0000 |
On Fri, 2002-08-16 at 22:56, Paul Sheer wrote:
> > The right way to solve it isn't just to do iss = random(), though. I
>
> it is with PaulOS, because PaulOS random() is secure
The problem isn't with the randomness, but with the probability for
hitting "old" sequence numbers that have been used recently. Here is
what RFC1948 says:
The choice of initial sequence numbers for a connection is not
random. Rather, it must be chosen so as to minimize the probability
of old stale packets being accepted by new incarnations of the same
connection [6, Appendix A]. Furthermore, implementations of TCP
derived from 4.2BSD contain special code to deal with such
reincarnations when the server end of the original connection is
still in TIMEWAIT state [7, pp. 945]. Accordingly, simple
randomization, as suggested in [8], will not work well.
/adam
--
Adam Dunkels <address@hidden>
http://www.dunkels.com/adam/
[This message was sent through the lwip discussion list.]
- [lwip-users] Re: [lwip] TCP sequence number attacks, John C. Toman, 2003/01/08
- [lwip-users] Re: [lwip] TCP sequence number attacks, Adam Dunkels, 2003/01/08
- [lwip-users] Re: [lwip] TCP sequence number attacks, Paul Sheer, 2003/01/08
- [lwip-users] Re: [lwip] TCP sequence number attacks, Adam Dunkels, 2003/01/09
- [lwip-users] Re: [lwip] TCP sequence number attacks, Adam Dunkels, 2003/01/09
- [lwip-users] Re: [lwip] TCP sequence number attacks, John C. Toman, 2003/01/09
- [lwip-users] Re: [lwip] TCP sequence number attacks,
Adam Dunkels <=
- [lwip-users] Re: [lwip] TCP sequence number attacks, Paul Sheer, 2003/01/09