From owner-freebsd-questions Tue Apr 11 04:06:09 1995
Return-Path: questions-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id EAA18322 for questions-outgoing; Tue, 11 Apr 1995 04:06:09 -0700
Received: from wcarchive.cdrom.com (wcarchive.cdrom.com [192.216.191.11]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id EAA18316 for ; Tue, 11 Apr 1995 04:06:07 -0700
Received: from zap.zap.qc.ca (zap.zap.qc.ca [198.168.127.8]) by wcarchive.cdrom.com (8.6.11/8.6.6) with ESMTP id EAA19163 for ; Tue, 11 Apr 1995 04:06:03 -0700
Received: (from fortin@localhost) by zap.zap.qc.ca (8.6.9/8.6.6) id HAA01578; Tue, 11 Apr 1995 07:04:18 -0400
From: Denis Fortin
Message-Id: <199504111104.HAA01578@zap.zap.qc.ca>
Subject: Re: Does BSD implement TCP/IP incorrectly?
To: brians@protools.com (Brian Smith)
Date: Tue, 11 Apr 1995 07:04:17 -0400 (EDT)
Cc: freebsd-questions@wcarchive.cdrom.com
In-Reply-To: <9504101732.AA16157@dot.protools.com> from "Brian Smith" at Apr 10, 95 10:32:15 am
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Content-Length: 2361
Sender: questions-owner@FreeBSD.org
Precedence: bulk

> Although IP spoofing sounds like a new technique, it has actually
> been recognized and openly discussed for years. There are special
> provisions in the TCP/IP (Transmission Control Protocol/Internet
> Protocol) standard used by the Internet that are designed to make
> IP spoofing difficult. The problem is that the IP stack distributed
> with Berkeley Unix (and now used by most of the computer
> industry) doesn't implement the TCP/IP correctly.
>
> I have read the IP, UDP, and TCP RFCs and cannot recall any chunks of
> functionality missing in BSD TCP/IP implementation relevant to IP spoofing.

As far as I know, it has to do with the datagram sequence numbers used in TCP connections.

BSD TCP/IP always starts the sequence number at 1 (thereby making it relatively easy to guess that within a few moments of a connection, the number will be 2, 3, 4, etc.) If I recall properly, the relevant RFCs specify that these numbers are supposed to be randomly chosen. Always picking "1" can probably be construed as being somewhat predictable and less than random (!).

Now, I'm quoting all of this from memory, so any TCP/IP gurus out there are welcome to jump in and correct me!

> Face it: Unix sucks.
>
> I really can't agree with him on his conclusion about releasing UNIX :),

Well, Unix sucks, yes. TCP/IP also sucks. C sucks, and C++ is worse. VHS also sucks when compared to Beta! On the other hand, their ubiquitousness (!?) makes them about the only valid choices for a wide range of applications that require interoperability and/or portability. Few people are proposing these days that you should get the machines in your office set up using the OSI suite. Heck, governments are even amending their GOSIP to allow for TCP/IP.

The only thing you can really do for security is to try to make sure that you do not become dependent on connections to the outside world for your day-to-day operations (i.e. that your portion of the Internet can run in isolation). You should also try to be "security conscious" (set up a firewall, monitor any possible attacks, etc.)

Anyway, off of the soapbox for now, I've got to put out the garbage :-)

--
Denis Fortin fortin@acm.org
DMR Group Inc, (514) 877-3301
These opinions are my own
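The point of the thread is that a TCP stack whose initial sequence numbers (ISNs) can be guessed makes blind spoofing easier. The following is an added example, not code from the post, from BSD, or from any RFC: it simulates two ISN generators and runs the kind of audit a defender could apply to ISNs observed on their own host. The first generator is the "always start at 1" behaviour the post describes; the second is the keyed-hash scheme later standardised in RFC 6528 (ISN = 4-microsecond clock M plus a keyed hash F of the connection 4-tuple), which postdates this 1995 message. The connection tuples, the 100 ms spacing between connections and the secret are constructed sample values; the predictability metric (guess the next ISN as previous ISN plus the most common earlier delta) is a deliberately simple model, not a published one.

```python
"""ISN predictability audit (added example; constructed data, not BSD's code)."""
import hashlib
from collections import Counter

MASK32 = 0xFFFFFFFF


def sample_connections(n):
    """Constructed 4-tuples: one server port, a client cycling through ports."""
    return [("198.51.100.10", 23, "203.0.113.7", 1024 + i) for i in range(n)]


def fixed_start_isn(conn, clock, secret):
    """ISN choice as the post describes: every connection starts counting at 1."""
    return 1


def keyed_hash_isn(conn, clock, secret):
    """RFC 6528-style ISN: clock M (4 us ticks) + keyed hash F(4-tuple, secret).

    SHA-256 truncated to 32 bits stands in for F; RFC 6528 leaves F's
    choice to the implementer (assumption: this is illustrative only).
    """
    local_ip, local_port, remote_ip, remote_port = conn
    msg = f"{local_ip}:{local_port}:{remote_ip}:{remote_port}".encode() + secret
    f = int.from_bytes(hashlib.sha256(msg).digest()[:4], "big")
    return (clock + f) & MASK32


def collect_isns(gen, conns, secret, start_clock=0, clock_step=25000):
    """Simulate successive connections 100 ms apart (25000 ticks of a 4 us clock).

    Returns the ISN each generator would hand out, in connection order.
    """
    return [gen(c, start_clock + i * clock_step, secret) for i, c in enumerate(conns)]


def predictability(isns):
    """Fraction of ISNs an observer guesses exactly as prev + most common earlier delta.

    1.0 means every ISN after the second was guessed; near 0 means the
    simple model gets nowhere. Returns 0.0 when fewer than 3 samples exist.
    """
    hits = guesses = 0
    deltas = []
    for prev, cur in zip(isns, isns[1:]):
        if deltas:
            guess_delta = Counter(deltas).most_common(1)[0][0]
            guesses += 1
            if (prev + guess_delta) & MASK32 == cur:
                hits += 1
        deltas.append((cur - prev) & MASK32)
    return hits / guesses if guesses else 0.0


def classify(score):
    """Coarse label for a predictability score, for a human-readable report."""
    if score >= 0.9:
        return "trivially predictable"
    if score >= 0.1:
        return "partially predictable"
    return "not predictable by a naive guesser"


if __name__ == "__main__":
    conns = sample_connections(200)
    secret = b"constructed-secret-for-demo"  # real stacks draw this from a CSPRNG
    for name, gen in (("always-1", fixed_start_isn), ("keyed-hash", keyed_hash_isn)):
        score = predictability(collect_isns(gen, conns, secret))
        print(f"{name:10s} predictability={score:.3f} -> {classify(score)}")
```

Running it reports a score of 1.000 for the always-1 generator and a score at or near 0 for the keyed-hash generator. The same `predictability` function can be fed ISNs captured from a host's own outbound SYNs (for example from a packet capture) to check whether the stack in use behaves like the first generator or the second; a high score on a production host is a finding worth raising with whoever maintains that stack.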