Bugtraq mailing list archives
Re: NT4-SP3 Sequence Prediction
From: zeus () SHELL ACADIACOM NET (Mark Gansle)
Date: Wed, 9 Sep 1998 17:31:09 -0500
On Wed, 9 Sep 1998 nate () ROOT ORG wrote:
> It is very easy. Assume that you have a standard deviation of 3 in the sequence every 10 ms (Ivan Arce measured a stdev of 2.6942). This means that a single guessed sequence of 499, 500, or 501 has a ~68% (1 stdev) chance of being correct. Assuming you are guessing one every 10 ms, it would only take 3 tries (30 ms) for you to have a better than 90% chance of succeeding.
Just as a point of order, ~68% would fall between 496 and 502, assuming a bell-shaped curve. Your numbers fell within a one-standard-deviation interval, and 68% fall within one standard deviation (plus or minus) of the mean (499, according to Ivan). Plus, I'd wonder if the distribution is truly bell-shaped. Regardless of this point, your argument is still valid. Chebyshev's theorem tells us that at least 75% would fall within a 12-unit interval, which means that this is open to a not-so-brute force attack.

Mark Gansle
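The interval arithmetic discussed in this exchange can be used to assess how concentrated a host's sequence-number increments are. The following Python is an added example, not part of the original post: it compares the bell-curve coverage with the distribution-free Chebyshev bound and checks both against a constructed sample of increments (the sample values and function names are assumptions made for illustration).

```python
import math
from statistics import mean, pstdev

def normal_coverage(k):
    """Fraction of a normal distribution within k standard deviations of the mean."""
    return math.erf(k / math.sqrt(2))

def chebyshev_bound(k):
    """Lower bound on the fraction within k standard deviations, for ANY distribution."""
    return 0.0 if k <= 1 else 1.0 - 1.0 / (k * k)

def interval(mu, sigma, k):
    """Closed interval mu +/- k*sigma."""
    return (mu - k * sigma, mu + k * sigma)

def empirical_coverage(samples, lo, hi):
    """Fraction of observed values that fall inside [lo, hi]."""
    return sum(lo <= s <= hi for s in samples) / len(samples)

def assess(samples, k=2):
    """Summarise how tightly observed increments cluster around their mean."""
    mu, sigma = mean(samples), pstdev(samples)
    lo, hi = interval(mu, sigma, k)
    return {
        "mean": mu,
        "stdev": sigma,
        "interval": (lo, hi),
        "normal": normal_coverage(k),      # holds only if truly bell-shaped
        "chebyshev": chebyshev_bound(k),   # holds regardless of shape
        "empirical": empirical_coverage(samples, lo, hi),
    }

# Constructed sample: sequence-number increments observed per 10 ms (not real data).
SAMPLE_DELTAS = [499, 496, 502, 501, 497, 499, 503, 495,
                 500, 498, 499, 505, 493, 499, 500, 498]

if __name__ == "__main__":
    # Figures from the thread: mean 499, stdev 3.
    print("1 stdev:", interval(499, 3, 1), f"normal {normal_coverage(1):.1%}")
    print("2 stdev:", interval(499, 3, 2), f"Chebyshev >= {chebyshev_bound(2):.0%}")
    for name, value in assess(SAMPLE_DELTAS).items():
        print(name, value)
```

A generator whose increments concentrate this tightly fails the assessment whatever the shape of the distribution, because the Chebyshev figure needs only the measured standard deviation.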