A secure patch is work in progress thanks to precious
advices from Solar Designer and Theo de Raadt.
I'll send this patch to bugtraq when done.
Please, if you are some good links about how to
is possible to compute N for 'X^2 mod N' generator
in real-time or links about others hard to predict
RNG
On Sun, Aug 01, 1999 at 01:10:06AM +0200, Nergal wrote:
Now let's recall another Linux feature. Many OSes (including Linux)
assign to ID field of an outgoing IP datagram consecutive, increasing
numbers (we forget about fragmentation here; irrelevant in this case). That
enables anyone
It was put back into 2.0.35 because the "fix" caused interoperability
problems with many other stacks.
I've discussed those interoperability problems with Alan (thanks!),
and have now updated my 2.0.37 patch to include a fix that shouldn't
cause them any more:
In article [EMAIL PROTECTED],
Salvatore Sanfilippo -antirez- [EMAIL PROTECTED] wrote:
i think that a consecutive IP id now can be considered
a weakness in IP stacks. [...] Here is a patch for
linux 2.0.36 [...] 'Truly random id' [...]
Your patch isn't secure. It uses a
So, the version of my patch for 2.0.34 didn't need to fix this any
more. Of course, future updates of the patch I was making based on
the latest one, and never bothered to check for this bug again.
Now, after your post, I am looking at patch-2.0.35.gz:
- return 0;
+ return 1;
On Sun, Aug 01, 1999 at 01:10:06AM +0200, Nergal wrote:
Now let's recall another Linux feature. Many OSes (including Linux)
assign to ID field of an outgoing IP datagram consecutive, increasing
numbers (we forget about fragmentation here; irrelevant in this case). That
enables anyone to
