> I've been using nmap and found on some systems it complain about the TCP > sequence is sequencial and others where it's random. I've also noticed that > if you go to www.scannerx.com <http://www.scannerx.com> and use their free > trial scanner, it'll report back to you any vunerabilities it find on your > box and TCP sequence is one of them... > > How/where do these get set as is it such a big threat? > > example below... > TCP Sequence Prediction: Class=random positive increments > > Difficulty=4768949 (Good luck!) > > IPID Sequence Generation: All zeros
>From what i understand of TCP/IP ( i could be so wrong here), the sequences numbers are used track incoming and out going packets. Why the sequence should be random is that it makes it harder to spoof packets, as you cant guess what the next correct packet should be. I think, i 'm sure if i'm wrong i'll be corrected. Jason -- Hofstadter's Law : "It always takes longer than you expect, even when you take Hofstadter's Law into account." -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
