From owner-freebsd-bugs Wed Jul 23 19:30:04 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id TAA01496 for bugs-outgoing; Wed, 23 Jul 1997 19:30:04 -0700 (PDT) Received: (from gnats@localhost) by hub.freebsd.org (8.8.5/8.8.5) id TAA01483; Wed, 23 Jul 1997 19:30:01 -0700 (PDT) Date: Wed, 23 Jul 1997 19:30:01 -0700 (PDT) Message-Id: <199707240230.TAA01483@hub.freebsd.org> To: freebsd-bugs Cc: From: Garrett Wollman Subject: kern/4153: New tcp initial send sequence number code Reply-To: Garrett Wollman Sender: owner-freebsd-bugs@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk The following reply was made to PR kern/4153; it has been noted by GNATS. From: Garrett Wollman To: leres@ee.lbl.gov Cc: FreeBSD-gnats-submit@FreeBSD.ORG, vern@ee.lbl.gov Subject: kern/4153: New tcp initial send sequence number code Date: Wed, 23 Jul 1997 22:22:59 -0400 (EDT) < The following context diffs use a 32 bit random number that > is based on a seed that is not externally visible. (See > the comments in tcp_new_iss() for a more detailed explaination.) > While this version does technically violate the spec, it > doesn't do so in a manner that will impact any current or > future implementation. (We've been running a version of > this code on our SunOS 4 systems since the early days of > ip spoofing.) If you go to this extreme, you might as well just use the in-kernel secure random number generator instead. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick