From owner-freebsd-current Thu May 23 08:00:35 1996
Return-Path: owner-current
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id IAA18294 for current-outgoing; Thu, 23 May 1996 08:00:35 -0700 (PDT)
Received: from rover.village.org (rover.village.org [204.144.255.49]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id IAA18280 for ; Thu, 23 May 1996 08:00:31 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by rover.village.org (8.7.5/8.6.6) with SMTP id IAA09701; Thu, 23 May 1996 08:59:49 -0600 (MDT)
Message-Id: <199605231459.IAA09701@rover.village.org>
To: Paul Traina
Subject: Re: freebsd + synfloods + ip spoofing
Cc: Garrett Wollman , Poul-Henning Kamp , current@FreeBSD.ORG, blh@nol.net
In-reply-to: Your message of Wed, 22 May 1996 09:07:04 PDT
Date: Thu, 23 May 1996 08:59:48 -0600
From: Warner Losh
Sender: owner-current@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

: We're making tcp_iss random in tcp_init.c, but then manipulating it in
: totally predictable ways. This is not random at all. The ISS needs to
: be randomized on a PER tcp connection attempt. I realize that violates
: RFC 793, but it has to be done.

There was recently an RFC issued, as I'm sure you are aware, that suggests making the sequence number a random thing based on the MD-5 hash of the traditional TCP/IP 4-tuple and some host private information (like output from /dev/random). Is that sufficient, or do sequence numbers need to be randomly jiggered more to prevent the attacks that are being whined, err ummm, talked about here?

Per attempt is easy to randomize w/o violating 793 since you still have 2^31 bits of randomness that you can use (since the original request partitions the space in 2). Even if you picked a more conservative figure, you can make it fairly hard to guess the next ISS w/o significantly impacting the ability of TCP to detect and discard stale packets.

Warner
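The scheme Warner refers to is the RFC 1948 construction, ISS = (M + F(local addr, local port, remote addr, remote port, secret)) mod 2^32, where M is the RFC 793 4-microsecond clock and F is a keyed hash. The block below is an added example written for this page, not code from the post, from FreeBSD's tcp_input.c/tcp_init.c, or from the RFC's authors. It assumes MD5 truncated to its first 32 bits for F, constructed IP addresses and a constructed fixed secret so the checks are reproducible, and an illustrative constant (not FreeBSD's real increment) for the predictable global-counter behaviour the quoted complaint describes. It shows the two properties the message cares about: a reused 4-tuple still advances with the clock (stale-segment detection is preserved), while a neighbouring connection lands in an unrelated region of the sequence space that cannot be derived without the host secret.

```python
# Added example (not from the mailing-list post or FreeBSD's own TCP code):
# an RFC 1948-style ISS generator, ISS = (M + F(4-tuple, secret)) mod 2^32.
import hashlib
import ipaddress
import secrets
import struct

ISS_MOD = 1 << 32
TICKS_PER_SECOND = 250_000  # RFC 793 clock: M advances once every 4 microseconds


def make_host_secret(nbytes: int = 16) -> bytes:
    """Host-private input to F(), drawn once at boot from the OS CSPRNG
    (the role the /dev/random output plays in the scheme the post describes)."""
    return secrets.token_bytes(nbytes)


def connection_offset(local_ip: str, local_port: int,
                      remote_ip: str, remote_port: int,
                      secret: bytes) -> int:
    """F(): MD5 over the 4-tuple plus the host secret, truncated to 32 bits
    (truncation choice is this example's assumption). The offset is fixed for
    a given 4-tuple and secret, differs per connection, and cannot be
    computed by anyone who does not hold the secret."""
    h = hashlib.md5()
    h.update(ipaddress.ip_address(local_ip).packed)
    h.update(struct.pack("!H", local_port))
    h.update(ipaddress.ip_address(remote_ip).packed)
    h.update(struct.pack("!H", remote_port))
    h.update(secret)
    return int.from_bytes(h.digest()[:4], "big")


def choose_iss(local_ip: str, local_port: int,
               remote_ip: str, remote_port: int,
               secret: bytes, clock_ticks: int) -> int:
    """ISS = (M + F) mod 2^32. M keeps the RFC 793 property that a reused
    4-tuple's sequence space still advances with time, so segments from an
    earlier incarnation stay distinguishable; F moves each connection into
    its own unpredictable region of the space."""
    offset = connection_offset(local_ip, local_port, remote_ip, remote_port, secret)
    return (clock_ticks + offset) % ISS_MOD


def legacy_global_iss(previous_iss: int, increment: int = 64_000) -> int:
    """The predictable pattern the quoted complaint describes: one global
    counter bumped by a constant for every connection, so one observed ISS
    reveals the next. (The constant is illustrative, not FreeBSD's value.)"""
    return (previous_iss + increment) % ISS_MOD


def iss_properties(secret: bytes = bytes(range(16))) -> dict:
    """Evaluate the properties that matter, using a constructed fixed secret
    and constructed addresses (RFC 5737 / RFC 1918) for reproducibility."""
    a = ("10.0.0.1", 40000, "192.0.2.10", 80)
    b = ("10.0.0.1", 40001, "192.0.2.10", 80)   # same peer, next local port
    t0 = 1_000_000
    iss_a0 = choose_iss(*a, secret, t0)
    iss_a1 = choose_iss(*a, secret, t0 + TICKS_PER_SECOND)  # one second later
    iss_b0 = choose_iss(*b, secret, t0)
    return {
        # same 4-tuple: the ISS still advances exactly with the clock
        "same_tuple_tracks_clock": (iss_a1 - iss_a0) % ISS_MOD == TICKS_PER_SECOND,
        # neighbouring 4-tuple at the same instant: unrelated offset
        "different_tuples_differ": iss_b0 != iss_a0,
        # a different host secret changes the ISS for the same 4-tuple and time
        "depends_on_secret": choose_iss(*a, bytes(16), t0) != iss_a0,
    }


if __name__ == "__main__":
    print(iss_properties())
```

`iss_properties()` returns all three flags as True; `legacy_global_iss` is included only as the contrast case, where each ISS is the previous one plus a constant.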