Re: tcp vulnerability? haven't seen anything on it here...

From: Jörn Engel
Date: Wed Apr 21 2004 - 12:08:38 EST


On Wed, 21 April 2004 12:25:27 -0400, Chris Friesen wrote:
>
> The impression I got was that some equipment was much more vulnerable
> due to having a) massive windows, and b) using sequential source ports,
> making it much easier to guess even if you can't tap the line.

Heise.de made it appear, as if the only news was that with tcp
windows, the propability of guessing the right sequence number is not
1:2^32 but something smaller. They said that 64k packets would be
enough, so guess what the window will be.

Obvious solution would be to use a small window, which would cost
performance. Different solution would be to use a different window
size for reset, like, say, 1. Not sure if that would still be
standard, though.

Jörn

--
The cost of changing business rules is much more expensive for software
than for a secretaty.
-- unknown
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/