Predictable IP IDs are not just a question of losing packets because
attackers can create junk fragments.
There are other possible attacks. For example, predictable IP IDs can be used
to completely bypass TCP connection security based on unpredictable TCP sequence
numbers. Tools exploiting this weakness already exist. See
http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-1&msg=BUGTRAQ%251999080211573830@LISTS.SECURITYFOCUS.COM
And I'm sure that other ways to abuse predictable IP IDs will appear in the
future.
> performance harming features to the kernel in the process.
I don't see a real performance penalty. I agree that I've added a large amount
of code to the kernel, but it's the cost of a robust solution.
Best regards
Andrey
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
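Editor's note: the message above states that a predictable IP ID lets an attacker get around TCP sequence-number protection but does not spell out why. The following is an added illustration, written for this page and not code from Andrey's patch or from the tool referenced in the Bugtraq post. It models the information leak in user space: a host whose IP ID is a single counter shared by all destinations reveals, to anyone who can elicit two replies, exactly how many datagrams it sent to everyone else in between. A blind attacker can use that as an oracle to learn whether a spoofed segment (one it can never see the answer to) was accepted. The per-destination counter variant is included as one possible remedy and is an assumption of this example, not a description of the kernel change under discussion; the one-datagram-one-increment model and the 256-peer address space are likewise simplifications.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Two ways a host could choose the IP ID of each outgoing datagram.
   (Assumed models for illustration, not the kernel's actual code.) */
enum id_policy {
    ID_GLOBAL_COUNTER,   /* one 16-bit counter shared by every destination */
    ID_PER_PEER_COUNTER  /* one counter per destination, each started at a random value */
};

#define NPEERS 256   /* toy address space: a peer is a single byte */

struct host {
    enum id_policy policy;
    uint16_t next_global;
    uint16_t next_per_peer[NPEERS];
};

static void host_init(struct host *h, enum id_policy policy, unsigned seed)
{
    h->policy = policy;
    srand(seed);
    h->next_global = (uint16_t)rand();
    for (int i = 0; i < NPEERS; i++)
        h->next_per_peer[i] = (uint16_t)rand();
}

/* The host emits one datagram to peer `dst`; returns the IP ID it carries. */
static uint16_t host_send(struct host *h, uint8_t dst)
{
    if (h->policy == ID_GLOBAL_COUNTER)
        return h->next_global++;
    return h->next_per_peer[dst]++;
}

/* What a remote observer `obs` can infer: it elicits one reply (say, an
   ICMP echo reply), waits while the host talks to other peers, elicits
   another reply, and subtracts the two IDs. With a global counter the
   difference minus one is exactly the number of datagrams the host sent
   to everyone else in the meantime; with per-peer counters it is always 0. */
static unsigned observer_count_between_probes(struct host *h, uint8_t obs,
                                              unsigned traffic_to_others)
{
    uint16_t first = host_send(h, obs);
    for (unsigned i = 0; i < traffic_to_others; i++)
        host_send(h, (uint8_t)(obs + 1 + (i % (NPEERS - 1))));  /* never obs */
    uint16_t second = host_send(h, obs);
    return (uint16_t)(second - first - 1);   /* 16-bit arithmetic handles wraparound */
}

/* Blind oracle. The attacker sends `target` a spoofed segment carrying
   `third_party` as source. If the segment is acceptable to the target
   (assumed here to mean: it makes the target emit one datagram towards
   third_party), the attacker cannot see that datagram, but it can see
   whether the target's IP ID moved by more than one between two probes. */
static int attacker_sees_reply(struct host *target, uint8_t attacker,
                               uint8_t third_party, int target_replies)
{
    uint16_t before = host_send(target, attacker);
    if (target_replies)
        host_send(target, third_party);   /* the answer the attacker never sees */
    uint16_t after = host_send(target, attacker);
    return (uint16_t)(after - before) > 1;
}

int main(void)
{
    struct host global, per_peer;
    host_init(&global, ID_GLOBAL_COUNTER, 1);
    host_init(&per_peer, ID_PER_PEER_COUNTER, 1);

    printf("global counter : observer counts %u datagrams to others\n",
           observer_count_between_probes(&global, 10, 7));
    printf("per-peer counter: observer counts %u datagrams to others\n",
           observer_count_between_probes(&per_peer, 10, 7));
    printf("global counter : oracle says reply=%d / no reply=%d\n",
           attacker_sees_reply(&global, 1, 2, 1), attacker_sees_reply(&global, 1, 2, 0));
    printf("per-peer counter: oracle says reply=%d / no reply=%d\n",
           attacker_sees_reply(&per_peer, 1, 2, 1), attacker_sees_reply(&per_peer, 1, 2, 0));
    return 0;
}
```

The point of the oracle function is that the sequence-number check on `target` still runs and still rejects wrong guesses; what the global counter removes is the attacker's need to see the reply. Each probe pair turns "did my guess produce a response" into a yes/no answer readable from the attacker's own traffic, which is why a randomized sequence number alone does not close the hole while the ID counter stays predictable.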