From owner-freebsd-current Wed May 22 09:07:52 1996
Return-Path: owner-current
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id JAA06060 for current-outgoing; Wed, 22 May 1996 09:07:52 -0700 (PDT)
Received: from precipice.shockwave.com (precipice.shockwave.com [171.69.108.33]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id JAA06054 for ; Wed, 22 May 1996 09:07:49 -0700 (PDT)
Received: from shockwave.com (localhost.shockwave.com [127.0.0.1]) by precipice.shockwave.com (8.7.5/8.7.3) with ESMTP id JAA04887; Wed, 22 May 1996 09:07:05 -0700 (PDT)
Message-Id: <199605221607.JAA04887@precipice.shockwave.com>
X-Mailer: exmh version 1.6.6 3/24/96
To: Garrett Wollman
cc: Poul-Henning Kamp, current@freebsd.org, blh@nol.net
Subject: Re: freebsd + synfloods + ip spoofing
In-reply-to: Your message of "Tue, 21 May 1996 16:53:47 EDT." <9605212053.AA01868@halloran-eldar.lcs.mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 22 May 1996 09:07:04 -0700
From: Paul Traina
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Garrett,

Brett is absolutely correct. I just looked at what was done for tcp_iss. If tcp_init is not called on every connection (it's not), then the whole design of the ISS randomization looks wrong to me.

We're making tcp_iss random in tcp_init.c, but then manipulating it in totally predictable ways. This is not random at all.

The ISS needs to be randomized on a PER tcp connection attempt basis. I realize that violates RFC 793, but it has to be done.

Paul