On Thu, 2 Nov 2000, "Kevin D. Clark" <[EMAIL PROTECTED]> wrote:
>
> IIRC, Linux does something similar. Other monolithic kernels probably
> do similar things, but if you know what the scheme is, you can glean
> uptime information from this information.
Interesting. I thought I heard that Linux switched over to sequence
numbers that were "more random" (e.g. to help defend against spoof
attacks where the attacker does not receive the reply packets from the
victim machine)
Perhaps I heard incorrectly, or maybe they just apply noise on
a small scale (e.g. some noise < the 64000 step-size you mentioned).
Performance and practicality aside, completely random 32 bit sequence
numbers would be a good thing, no? What does OpenBSD do?
> In the case of BSD-derived
> kernels, you'd obviously have to poll every N hours, where N<9.
Why would you have to do this? The samples on the netcraft site seem to
be only 20-100 over the course of a year. All you have to do is poll to
watch that the sequence number "clock" has not shifted off of the "ramp"
to be reasonably sure the machine has still been up. Sure, this will
miss reboots that happen to re-coincide with the previous clock, but
this should be pretty rare (depends on the tolerance applied I guess).
Cheers,
Karl
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
