From owner-freebsd-security Sun Feb 20 7:48:32 2000
Delivered-To: freebsd-security@freebsd.org
Received: from bg.sics.se (bg.sics.se [193.10.66.124]) by hub.freebsd.org (Postfix) with ESMTP id A7D3C37BD54; Sun, 20 Feb 2000 07:48:28 -0800 (PST) (envelope-from bg@bg.sics.se)
Received: (from bg@localhost) by bg.sics.se (8.9.3/8.9.3) id QAA09029; Sun, 20 Feb 2000 16:48:34 +0100 (CET) (envelope-from bg)
To: Dan Moschuk
Cc: Omachonu Ogali, "smb@RESEARCH.ATT.COM Bill Fumerola", freebsd-security@FreeBSD.ORG
Subject: Re: Random Sequence Numbers
References: <20000211114905.E74001@jade.chc-chimes.com> <20000211135026.C9856@spirit.jaded.net>
From: Bjoern Groenvall
Date: 20 Feb 2000 16:48:34 +0100
In-Reply-To: Dan Moschuk's message of Fri, 11 Feb 2000 13:50:26 -0500
Message-ID:
Lines: 32
X-Mailer: Red Gnus v0.52/Emacs 19.34
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Dan Moschuk writes:

> This has been done, by me, using the arc4random() implementation I put into
> the kernel a few months ago. I'll be committing it after the code freeze.

Before you go ahead and do this you might want to consider this comment.
(The message never made its way back to freebsd-security).

From: "Steven M. Bellovin"
Subject: Re: Random Sequence Numbers
To: BUGTRAQ@SECURITYFOCUS.COM
Date: Thu, 10 Feb 2000 17:35:03 -0500
Reply-To: smb@RESEARCH.ATT.COM
Return-Path: owner-bugtraq@SECURITYFOCUS.COM

In message <00Feb10.090608est.115219@border.alcanet.com.au>, Peter Jeremy writes:

> On 2000-Feb-09 20:27:08 +1100, Omachonu Ogali wrote:
> >I don't know if anyone else attempted, but I whipped up a little patch for
> >FreeBSD that randomizes the sequence/acknowledgment numbers sent by TCP
> >instead of incrementing it by one each time. Apply using 'patch'.
>
> Note that the patch is using libkern/random(). This function is a
> simple, multiplicative PRNG with 32 bits of state (all of which is
> `leaked' via its return value). Whilst the change might be better than
> a simple increment/decrement, I don't believe it provides any real
> security (especially in view of the %=2 operations).

I never saw the original posting to this; let me suggest that folks read
RFC 1948 before doing sequence number randomization.

--Steve Bellovin

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
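As an added illustration of the RFC 1948 scheme Bellovin points to (example code written for this archive page, not code from any of the posters or from FreeBSD): ISN = M + F(localhost, localport, remotehost, remoteport, secret), with M a 4 microsecond timer and F a keyed MD5 hash, so that an observed ISN reveals the per-connection offset for that 4-tuple only, unlike a bare 32-bit PRNG output that exposes the generator's whole state. The secret, addresses and ports below are constructed values.

```python
import hashlib
import struct
import time

# Constructed secret for this example only; a real host draws it from a
# strong random source at boot and never exposes it, since anyone who
# learns it can compute F() for every 4-tuple.
SECRET = b"constructed-example-secret"


def rfc1948_offset(local_ip, local_port, remote_ip, remote_port, secret=SECRET):
    """F(): per-connection offset = low 32 bits of MD5(4-tuple || secret).

    Seeing ISNs on one connection reveals this value for that 4-tuple only;
    without the secret it says nothing about the offset of any other tuple.
    """
    data = (
        local_ip.encode()
        + struct.pack("!H", local_port)
        + remote_ip.encode()
        + struct.pack("!H", remote_port)
        + secret
    )
    return struct.unpack("!I", hashlib.md5(data).digest()[:4])[0]


def isn(local_ip, local_port, remote_ip, remote_port, micros, secret=SECRET):
    """ISN = M + F(...) mod 2^32, where M is a clock ticking every 4 us.

    'micros' is the microsecond clock reading at connection setup; the
    4 us granularity is the RFC 793 timer that RFC 1948 keeps for M, so a
    reused 4-tuple still gets a sequence space that advances with time.
    """
    m = (micros // 4) & 0xFFFFFFFF
    f = rfc1948_offset(local_ip, local_port, remote_ip, remote_port, secret)
    return (m + f) & 0xFFFFFFFF


def next_isn(local_ip, local_port, remote_ip, remote_port):
    """Convenience wrapper reading the monotonic clock, as a kernel would at SYN time."""
    return isn(local_ip, local_port, remote_ip, remote_port, time.monotonic_ns() // 1000)
```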