Re: CONFIG_RANDOM option for 1.99.2

Alan Cox (alan@cymru.net)
Thu, 16 May 1996 09:40:56 +0100 (BST)


> actual_initial_sequence_counter =
> (MD5(local port, remote port, remote address,
> high_quality_randomness_obtained_before_networking_enabled) +
> kernel's_existing_sequence_counter);
>
> This satisfies all of the Host Requirements RFCs, and makes it
> significantly more difficult for crackers to hijack TCP
> connections initiating from the Linux box.

Is that true? You need monotonically increasing sequence space. We'd need to
make the MD5 part a small fragment of the sequence space (say 24-bit), I
think?

alan
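
The scheme under discussion, as an added example that is not part of the original messages and is not kernel code. It shows that for a fixed connection tuple the MD5 term is a constant, so successive initial sequence numbers advance exactly as the existing counter does (modulo 2**32), and it models the "small fragment" variant with a `bits` parameter. The field packing, the use of the first four digest bytes, `BOOT_SECRET` and all function names are assumptions made for illustration.

```python
import hashlib
import ipaddress
import os
import struct

MASK32 = 0xFFFFFFFF

# Assumption: stands in for the "high quality randomness obtained before
# networking enabled"; drawn once and kept secret for the life of the boot.
BOOT_SECRET = os.urandom(16)


def tuple_offset(local_port, remote_port, remote_addr, secret, bits=32):
    """Per-connection offset: low `bits` bits of MD5(tuple || secret)."""
    packed = struct.pack("!HH4s", local_port, remote_port,
                         ipaddress.IPv4Address(remote_addr).packed)
    digest = hashlib.md5(packed + secret).digest()
    # Assumption: the first 4 digest bytes are used as the 32-bit value.
    return struct.unpack("!I", digest[:4])[0] & ((1 << bits) - 1)


def initial_sequence(counter, local_port, remote_port, remote_addr,
                     secret=BOOT_SECRET, bits=32):
    """ISN = (hash offset + existing sequence counter) mod 2**32."""
    offset = tuple_offset(local_port, remote_port, remote_addr, secret, bits)
    return (offset + counter) & MASK32


def seq_delta(later, earlier):
    """Forward distance from `earlier` to `later` in 32-bit sequence space."""
    return (later - earlier) & MASK32


if __name__ == "__main__":
    conn = (1025, 23, "192.0.2.7")            # constructed sample tuple
    other = (1026, 23, "192.0.2.7")           # neighbouring local port
    for counter in (0, 64000, 128000):        # constructed counter values
        print(counter,
              hex(initial_sequence(counter, *conn)),
              hex(initial_sequence(counter, *other)),
              hex(initial_sequence(counter, *conn, bits=24)))
```
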