Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Chances of guessing?

From: bicknell () ussenterprise async vt edu (Leo Bicknell)
Date: Fri, 27 Jan 1995 10:38:48 -0500 (EST)

        I've been following the discussion on IP spoofing, and
ways to prevent it.  While all that is well and good, I would
like an objective measure of risk.

        I've read the procedure for guessing sequence numbers
and the like, and it seems simple enough, except on any system
with a heavy load.  For instance, take a machine that gets 
20 new connections/second on average (fairly likely on
a machine thats run as a WWW server for instance).  Given that
most systems increment the sequence counter by some amount
per new connection, and you can't predict how many new connections
will occur in a given time interval it seems that this hole
just got a lot harder to exploit.

        I'm not advocating relying on the system load for security,
just trying to get an idea of how quickly someone might be able 
to get in.  I'd like to avoid writing a program to exploit this
and testing it several hundred times here to get a figure.

-- 
Leo Bicknell - bicknell () vt edu                     | Make a little birdhouse
               bicknell () csugrad cs vt edu          | in your soul......
               bicknell () ussenterprise async vt edu | They Might
http://ussenterprise.async.vt.edu/~bicknell/       | Be Giants
Previous By Date Next
Previous By Thread Next

Current thread: