Bugtraq mailing list archives

DUnix 4.x: way to fix tcp/ip sequence predictability (fwd)

From: jeremy () INDIANA EDU (Jeremy Fischer)
Date: Sat, 4 Oct 1997 13:18:02 -0500


-----BEGIN PGP SIGNED MESSAGE-----


This involves a problem with Digital Unix 4.x having a
predictable TCP sequence. I submitted this to their
response team a couple of months ago, and got this back
from them...

There's really no mention of the TCP sequence problem on
their website or in their docs, so this could be useful
to DUnix admins.

Jeremy

---------- Forwarded message ----------
Date: Thu, 25 Sep 1997 09:38:20 -0600 (MDT)
To: jeremy () copper ucs indiana edu
Subject: C970528-680: way to fix tcp/ip sequence predictability

I heard from the Software Security Response team.  Response attached.
It indicates that the existing patches resolve this problem.

Digital Equipment Corp.
-------------

Hello,
This has certainly been a chase.  It seems this has indeed been resolved in
a patch available within the base level setld patches......

This problem was fixed in the following:

Version         Patch
ID
-------         --------
V4.0            OSF400-247
V4.0A           OSF405-071
V4.0B           OSF410-068
V4.0C           OSF415-410068
extract:    TCP code improvements:

 fully dynamic TCP hash table, can change size on the fly without having
 to reboot (tcbhashsize) support for TCP hash support for TCP hash table
 size larger than 1024 (tcbhashsize) improved TCP TCP timer algorithm
 eliminates a large percentage of the processing overhead needed to
 handle the tcp timer task more efficient port allocation code decreases
 outgoing connection overhead (ipport_userreserved) randomized TCP
 initial sequence number.  IP reassembly fix for >12Gb memory systems and
 other minor TCP/IP bug fixes

Current thread:

DUnix 4.x: way to fix tcp/ip sequence predictability (fwd) Jeremy Fischer (Oct 04)