Date: Wed, 22 May 1996 12:25:08 -0400 (EDT)
From: "Charles C. Figueiredo" <marxx@apocalypse.superlink.net>
To: Paul Traina <pst@Shockwave.COM>
Cc: Garrett Wollman <wollman@lcs.mit.edu>, Poul-Henning Kamp <phk@critter.tfs.com>, current@FreeBSD.ORG, blh@nol.net
Subject: Re: freebsd + synfloods + ip spoofing
Message-ID: <Pine.BSF.3.91.960522122204.3698A-100000@apocalypse.superlink.net>
In-Reply-To: <199605221607.JAA04887@precipice.shockwave.com>
On Wed, 22 May 1996, Paul Traina wrote:

> Garret,
>
> Brett is absolutely correct.
>
> I just looked at what was done for tcp_iss. If tcp_init is not called on
> every connection (it's not), then the whole design of the ISS randomization
> looks wrong to me.
> We're making tcp_iss random in tcp_init.c, but then manipulating it in
> totally predictable ways. This is not random at all. The ISS needs to
> be randomized on a PER tcp connection attempt. I realize that violates
> RFC 793, but it has to be done.
>
> Paul

You may be right, but other implementations don't randomize on every connection either. FreeBSD, at the moment, just has what other implementations have wrong.
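Added example, not part of the original message and not FreeBSD source: the two ISS schemes contrasted in the quoted text, with a check that flags a sequence whose next value follows from two observed ones. ISS_STEP and all function names are hypothetical, and the fixed step is an assumed stand-in for whatever predictable manipulation a stack applies after its one-time randomization.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define ISS_STEP 64000u  /* constructed per-connection increment (assumption) */
#define NSAMPLES 8

/* 32 fresh random bits from the OS; aborts if the source is unavailable. */
static uint32_t rand32(void)
{
    uint32_t v;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL || fread(&v, sizeof v, 1, f) != 1) abort();
    fclose(f);
    return v;
}

/* Scheme A: randomize once at init, then advance by a fixed step. */
static uint32_t global_iss;  /* single counter shared by all connections */
static void iss_init(void) { global_iss = rand32(); }
static uint32_t iss_next_global(void) { return global_iss += ISS_STEP; }

/* Scheme B: draw a new ISS for every connection attempt. */
static uint32_t iss_next_per_conn(void) { return rand32(); }

/* 1 if all successive differences (mod 2^32) are equal, else 0. */
static int constant_delta(const uint32_t *v, size_t n)
{
    for (size_t i = 2; i < n; i++)
        if ((uint32_t)(v[i] - v[i - 1]) != (uint32_t)(v[1] - v[0]))
            return 0;
    return n >= 3;
}

/* Sample NSAMPLES consecutive ISS values from one scheme and test them. */
static int predictable(int per_conn)
{
    uint32_t v[NSAMPLES];
    iss_init();
    for (size_t i = 0; i < NSAMPLES; i++)
        v[i] = per_conn ? iss_next_per_conn() : iss_next_global();
    return constant_delta(v, NSAMPLES);
}

int main(void)
{
    printf("init-only: %d, per-connection: %d\n", predictable(0), predictable(1));
    return 0;
}
```

The random starting point in scheme A does not help once two values have been seen, because the difference between them is the constant step.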
