From owner-freebsd-net  Mon May  6 15:53:39 2002
Date: Mon, 6 May 2002 18:53:32 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Message-Id: <200205062253.g46MrWiY071722@khavrinen.lcs.mit.edu>
To: Mike Silbersack <silby@silby.com>
Cc: net@freebsd.org
Subject: Re: Junior network hacker tasks...
In-Reply-To: <20020506171825.P60840-100000@patrocles.silby.com>
References: <200205062209.g46M99N8070646@khavrinen.lcs.mit.edu>
	<20020506171825.P60840-100000@patrocles.silby.com>

<<On Mon, 6 May 2002 17:26:20 -0500 (CDT), Mike Silbersack <silby@silby.com> said:

> Is doing this wise?  I have this nagging feeling that randomizing (or
> zeroing on each new connection) the timestamp would degrade its usefulness
> for PAWS checks and the like.  (Don't ask me how, I haven't thought it
> through fully.)

I don't think so, because the timestamps, as currently specified, are
only meaningful within the context of a single connection.  See
sections 1.2, 4.3, and 4.2 of RFC 1323.  The PAWS mechanism requires
only that timestamps used by each connection be monotone increasing
with respect to Sequence Number Arithmetic.  RFC 1323 does require
(section 4.2.2) that the clock be between 1 ms and 1 s in period,
which I think we already violate on some platforms, although not
seriously; there probably should be a pre-computed (global) scaling
factor as well.

-GAWollman
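
The point about per-connection timestamps, as an added example that is not part of the original message and is not FreeBSD's code: a PAWS-style check using Sequence Number Arithmetic makes the same accept/reject decisions whatever offset a connection adds to its clock, including an offset that makes the value wrap mid-connection. The function names, tick values and offsets are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: sender clock ticks per segment; 1003 is a delayed old duplicate. */
static const uint32_t SAMPLE_TICKS[] = { 1000, 1001, 1030, 1003, 1040 };
#define N_TICKS 5

/* Sequence Number Arithmetic: a is older than b if the signed 32-bit difference is negative. */
static int ts_lt(uint32_t a, uint32_t b) { return (int32_t)(a - b) < 0; }

/* Sender: TSval is the global tick count plus this connection's own offset (mod 2^32). */
static uint32_t tsval_for(uint32_t offset, uint32_t ticks) { return ticks + offset; }

/* Receiver PAWS test: reject a segment whose TSval is older than ts_recent,
 * otherwise accept it and remember the value. Returns 1 on accept. */
static int paws_accept(uint32_t *ts_recent, uint32_t tsval) {
    if (ts_lt(tsval, *ts_recent))
        return 0;
    *ts_recent = tsval;
    return 1;
}

/* Feed one connection's segments to the receiver; bit i is set if segment i was accepted. */
static unsigned run_connection(uint32_t offset) {
    uint32_t ts_recent = tsval_for(offset, SAMPLE_TICKS[0]); /* learned from the SYN */
    unsigned mask = 0;
    for (int i = 0; i < N_TICKS; i++)
        if (paws_accept(&ts_recent, tsval_for(offset, SAMPLE_TICKS[i])))
            mask |= 1u << i;
    return mask;
}

int main(void) {
    /* Assumed offsets: none, one that makes TSval wrap mid-connection, and an arbitrary one. */
    const uint32_t offsets[] = { 0, 0xFFFFFC00u, 0x7FFFFFFFu };
    for (int k = 0; k < 3; k++)
        printf("offset 0x%08x -> accept mask 0x%02x\n",
               (unsigned)offsets[k], run_connection(offsets[k]));
    return 0;
}
```

Only the stale duplicate (segment 3) is rejected in every run, because the offset cancels out of the modular difference.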

