[EMAIL PROTECTED] writes:
> Interesting. I thought I heard that Linux switched over to sequence
> numbers that were "more random" (e.g. to help defend against spoof
> attacks where the attacker does not receive the reply packets from the
> victim machine)
>
> Perhaps I heard incorrectly, or maybe they just apply noise on
> a small scale (e.g. some noise < the 64000 step-size you mentioned).
I'd heard that too, but to be honest, I just look over that code for
fun, and I haven't done this much lately.
BTW, I slightly mis-remembered how that particular counter is
incremented (in the BSD code). The counter starts at 1 and is
incremented by 64000 every half-second, but it is also incremented by
64000 every time a new connection comes in.
This fact suggests that it is unlikely that the Netscraft people are
using this particular method to determine uptime. Hmmm.
> Performance and practicality aside, completely random 32 bit sequence
> numbers would be a good thing, no? What does OpenBSD do?
Sort-of. I think that starting off at a random place (on a per
session basis) would be a good idea, but after that I don't think that
you can be very random. I don't think that you'd be very compliant
with RFC793 if you used completely random numbers all the time.
--kevin
--
Kevin D. Clark ([EMAIL PROTECTED]) |
Cetacean Networks, Inc. | Give me a decent UNIX
Portsmouth, N.H. (USA) | and I can move the world
[EMAIL PROTECTED] (PGP Key Available) |
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
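As an added illustration (not code from the message or from any BSD kernel), here is a simplified model of the counter as Kevin describes it: starting at 1, stepping by 64000 every half-second and again on every new connection. The class name, the `isn_after`/`naive_uptime` helpers, and the choice that a connection receives the value after its own bump are assumptions for the model; it shows why a remote observer reading the counter as a pure clock overestimates uptime as soon as connections arrive, and that the 32-bit counter wraps in a little over nine hours anyway.

```python
# Constructed model of the BSD-style ISN counter discussed above (assumption:
# this is a simplification, not the real kernel code).
ISN_STEP = 64000        # increment per half-second tick and per new connection
TICK_SECONDS = 0.5
ISN_MASK = 0xFFFFFFFF   # the counter is a 32-bit value and wraps


class BsdIsnCounter:
    """Hypothetical simplified counter: starts at 1, stepped by clock and by connections."""

    def __init__(self):
        self.value = 1                       # counter starts at 1 at boot

    def half_second_tick(self, ticks=1):
        self.value = (self.value + ISN_STEP * ticks) & ISN_MASK

    def new_connection(self):
        # Each incoming connection also bumps the counter by one step; the ISN
        # handed to that connection is the bumped value (modelling assumption).
        self.value = (self.value + ISN_STEP) & ISN_MASK
        return self.value


def isn_after(uptime_seconds, connections):
    """ISN seen by the last of `connections` connections opened after `uptime_seconds`."""
    counter = BsdIsnCounter()
    counter.half_second_tick(int(uptime_seconds / TICK_SECONDS))
    isn = None
    for _ in range(connections):
        isn = counter.new_connection()
    return isn


def naive_uptime(isn):
    """Uptime an observer would infer if only the clock had moved the counter."""
    return ((isn - 1) & ISN_MASK) // ISN_STEP * TICK_SECONDS


def isn_period_seconds():
    """Seconds until the 32-bit counter wraps with no connections at all."""
    return 2 ** 32 / ISN_STEP * TICK_SECONDS


if __name__ == "__main__":
    for conns in (1, 1000):
        isn = isn_after(3600, conns)
        print(f"{conns:5d} connections after 1h: ISN={isn:10d} naive uptime={naive_uptime(isn)}s")
    print(f"counter wraps every {isn_period_seconds():.1f}s")
```

With a single connection after one hour the inference is off by only one step, but a thousand connections add 500 seconds of apparent uptime, and a ten-hour uptime wraps the counter and reads as about 41 minutes.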