From owner-freebsd-security Sun Feb 20 7:58:25 2000 Delivered-To: freebsd-security@freebsd.org Received: from hydrant.intranova.net (hydrant.intranova.net [209.201.95.10]) by hub.freebsd.org (Postfix) with SMTP id 6491437BE8F for ; Sun, 20 Feb 2000 07:58:19 -0800 (PST) (envelope-from oogali@intranova.net) Received: (qmail 87110 invoked from network); 20 Feb 2000 15:58:22 -0000 Received: from localhost (user46549@127.0.0.1) by hydrant.intranova.net with SMTP; 20 Feb 2000 15:58:22 -0000 Date: Sun, 20 Feb 2000 10:58:22 -0500 (EST) From: Omachonu Ogali To: Bjoern Groenvall Cc: Dan Moschuk , "smb@RESEARCH.ATT.COM Bill Fumerola" , freebsd-security@FreeBSD.ORG Subject: Re: Random Sequence Numbers In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org That was dropped a while ago and I saw that post Steven did, and secondly Dan told me he's done it already so there was no need to go on as it was only about 4-5 lines of code. On 20 Feb 2000, Bjoern Groenvall wrote: > Dan Moschuk writes: > > > This has been done, by me, using the arc4random() implementation I put into > > the kernel a few months ago. I'll be committing it after the code freeze. > > Before you go ahead and do this you might want to consider this > comment. (The message never made it way back to freebsd-security). > > From: "Steven M. Bellovin" > Subject: Re: Random Sequence Numbers > To: BUGTRAQ@SECURITYFOCUS.COM > Date: Thu, 10 Feb 2000 17:35:03 -0500 > Reply-To: smb@RESEARCH.ATT.COM > Return-Path: owner-bugtraq@SECURITYFOCUS.COM > > In message <00Feb10.090608est.115219@border.alcanet.com.au>, Peter Jeremy write > s: > > On 2000-Feb-09 20:27:08 +1100, Omachonu Ogali wrote: > > >I don't know if anyone else attempted, but I whipped up a little patch for > > >FreeBSD that randomizes the sequence/acknowledgment numbers sent by TCP > > >instead of incrementing it by one each time. Apply using 'patch'. > > > > Note that the patch is using libkern/random(). This function is a > > simple, multiplicative PNRG with 32-bits of state (all of which is > > `leaked' via its return value. Whilst the change might be better than > > a simple increment/decrement, I don't believe it provides any real > > security (especially in view of the %=2 operations). > > I never saw the original posting to this; let me suggest that folks read RFC > 1948 before doing sequence number randomization. > > --Steve Bellovin > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- +-------------------------------------------------------------------------+ | Omachonu Ogali oogali@intranova.net | | Intranova Networking Group http://tribune.intranova.net | | PGP Key ID: 0xBFE60839 | | PGP Fingerprint: C8 51 14 FD 2A 87 53 D1 E3 AA 12 12 01 93 BD 34 | +-------------------------------------------------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message