From owner-freebsd-current Wed May 22 13:16:41 1996
Return-Path: owner-current
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id NAA23078 for current-outgoing; Wed, 22 May 1996 13:16:41 -0700 (PDT)
Received: from apocalypse.superlink.net (root@apocalypse.superlink.net [205.246.27.150]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id NAA23073 for ; Wed, 22 May 1996 13:16:36 -0700 (PDT)
Received: (from marxx@localhost) by apocalypse.superlink.net (8.7.5/8.7.3) id MAA03773; Wed, 22 May 1996 12:25:09 -0400 (EDT)
Date: Wed, 22 May 1996 12:25:08 -0400 (EDT)
From: "Charles C. Figueiredo"
To: Paul Traina
cc: Garrett Wollman, Poul-Henning Kamp, current@FreeBSD.ORG, blh@nol.net
Subject: Re: freebsd + synfloods + ip spoofing
In-Reply-To: <199605221607.JAA04887@precipice.shockwave.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-current@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 22 May 1996, Paul Traina wrote:

> Garrett,
>
> Brett is absolutely correct.
>
> I just looked at what was done for tcp_iss. If tcp_init is not called on
> every connection (it's not), then the whole design of the ISS randomization
> looks wrong to me.
> We're making tcp_iss random in tcp_init.c, but then manipulating it in
> totally predictable ways. This is not random at all. The ISS needs to
> be randomized on a PER tcp connection attempt. I realize that violates
> RFC 793, but it has to be done.
>
> Paul
>

You may be right, but other implementations don't randomize on every
connection either. FreeBSD, at the moment, just has what other
implementations have wrong.
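As an added illustration that is not from the thread or from FreeBSD's source: a constructed C simulation of the two ISS policies Paul contrasts (seed once at init and then bump by a constant, versus a fresh random value per connection attempt), with a reviewer's check showing why the first policy is predictable. The increment value, the toy PRNG and all function names are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed simulation, not FreeBSD's tcp_init()/tcp_iss code.
 * The increment and the toy PRNG are assumptions chosen to make
 * the behaviour of each policy visible. */

#define ISS_INCR 64000U   /* assumed fixed per-connection bump, RFC 793 style */

/* Toy xorshift32 PRNG standing in for the kernel's random source. */
static uint32_t rng_state = 0x9E3779B9u;
static uint32_t toy_random(void) {
    uint32_t x = rng_state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return rng_state = x;
}

/* Policy A (what the message describes): one random seed at init,
 * then every connection just adds a constant to the shared counter. */
static uint32_t seed_once_iss;
static bool seed_once_done = false;
uint32_t iss_seed_once_then_increment(void) {
    if (!seed_once_done) { seed_once_iss = toy_random(); seed_once_done = true; }
    uint32_t iss = seed_once_iss;
    seed_once_iss += ISS_INCR;
    return iss;
}

/* Policy B (what Paul asks for): a fresh random ISS per connection attempt. */
uint32_t iss_per_connection_random(void) {
    return toy_random();
}

/* Reviewer's check: given one observed ISS, can the next `trials` values be
 * computed exactly from the RFC 793 increment rule?  true means the policy
 * exposes every future ISS to anyone who has seen a single one. */
bool next_iss_is_predictable(uint32_t (*policy)(void), int trials) {
    uint32_t prev = policy();
    for (int i = 0; i < trials; i++) {
        uint32_t actual = policy();
        if (actual != prev + ISS_INCR)   /* wraps mod 2^32 like the real counter */
            return false;
        prev = actual;
    }
    return true;
}

int main(void) {
    /* Exit 0 when policy A is predictable and policy B is not. */
    return (next_iss_is_predictable(iss_seed_once_then_increment, 10)
            && !next_iss_is_predictable(iss_per_connection_random, 10)) ? 0 : 1;
}
```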