Bugtraq mailing list archives

Re: preventing sequence number guessing


From: newsham () aloha net (Timothy Newsham)
Date: Wed, 25 Jan 1995 10:10:25 -1000 (HST)


> I've only got one novel idea: instead of using tcp_iss directly
> for the SYN every time a new TCP/IP connection is opened, send
> MD5(tcp_iss) [or maybe MD5(tcp_iss, time(NULL), ...)].

This sounds awfully expensive.  One md5 operation for each
new passive or active connection.

> MD5 to predict sequence numbers.  MD5 is quite fast (is it fast
> enough?) and is completely exportable.  Code for MD5 is available

This is a good question.  How many connections do you expect per
second (both incoming and outgoing)?  How much of a load will
this place on the rest of the machine?
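As an added illustration (not part of the thread above), the snippet below derives a 32-bit ISN by offsetting tcp_iss with a keyed MD5 digest and measures how many such derivations a host can do per second, which is the cost question raised in this reply. Mixing the connection 4-tuple and a per-boot secret into the hash is an assumption drawn from later practice (RFC 1948), not something this message specifies.

```python
"""Added example: hash-derived TCP initial sequence numbers in the spirit of
the MD5(tcp_iss, ...) proposal, plus a throughput measurement.  The 4-tuple
and per-boot secret inputs are assumptions (RFC 1948 style), not from the
original message."""
import hashlib
import os
import struct
import time

# Per-boot random secret (constructed here; a kernel would draw it at boot).
BOOT_SECRET = os.urandom(16)


def hashed_isn(tcp_iss, src, sport, dst, dport, secret=BOOT_SECRET):
    """Return a 32-bit ISN: the global counter tcp_iss offset by a keyed
    MD5 digest of the connection identity.  The same 4-tuple keeps a
    monotonic ISN (the RFC 793 property), while the gap between ISNs of
    two different connections depends on the secret and so cannot be
    read off from an attacker's own connection."""
    key = (struct.pack("!HH", sport, dport)
           + src.encode() + b"|" + dst.encode() + secret)
    digest = hashlib.md5(key).digest()
    offset = struct.unpack("!I", digest[:4])[0]
    return (tcp_iss + offset) & 0xFFFFFFFF


def isn_gap(tcp_iss, conn_a, conn_b, secret=BOOT_SECRET):
    """Difference (mod 2^32) between the ISNs two connections would get
    from the same tcp_iss value; with a plain counter this would be 0."""
    a = hashed_isn(tcp_iss, *conn_a, secret=secret)
    b = hashed_isn(tcp_iss, *conn_b, secret=secret)
    return (b - a) & 0xFFFFFFFF


def hashes_per_second(duration=0.2):
    """Rough answer to 'how many connections per second can we afford':
    count hashed_isn() calls completed within `duration` seconds."""
    n, deadline = 0, time.perf_counter() + duration
    while time.perf_counter() < deadline:
        # Constructed sample connection: rotating source port, fixed peers.
        hashed_isn(n, "10.0.0.1", 1024 + (n % 60000), "10.0.0.2", 80)
        n += 1
    return n / duration


if __name__ == "__main__":
    print("approx. ISN derivations/second:", int(hashes_per_second()))
```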


