Bugtraq mailing list archives
Re: Linux blind TCP spoofing, act II + others
From: antirez () SPEEDCOM IT (Salvatore Sanfilippo -antirez-)
Date: Tue, 10 Aug 1999 05:43:02 +0200
A secure patch is work in progress thanks to precious advices from Solar Designer and Theo de Raadt. I'll send this patch to bugtraq when done. Please, if you are some good links about how to is possible to compute N for 'X^2 mod N' generator in real-time or links about others hard to predict RNG send me an email. antirez On Sat, Aug 07, 1999 at 09:58:10AM -0700, David Wagner wrote:
In article <19990806123911.A1147 () speedcom it>, Salvatore Sanfilippo -antirez- <antirez () speedcom it> wrote:i think that a consecutive IP id now can be considered a weakness in IP stacks. [...] Here is a patch for linux 2.0.36 [...] 'Truly random id' [...]Your patch isn't secure. It uses a weak pseudo-random number generator to generate id's, and an attacker can just crack the PRNG to predict what id's will be used in the future. I think you probably want to use /dev/urandom to generate your IP id's, to prevent this attack. (Or use a variant of Bellovin's RFC 1948, adapted to generate IP id's instead of TCP ISN's.)
-- Salvatore Sanfilippo antirez () speedcom it antirez () alicomitalia it ALICOM snc Tel: +39-0871-403522 Fax: +39-0871-41960 Web: www.alicom.com try hping: http://www.kyuzz.org/antirez FreeSilviaBaraldiniFreeSilviaBaraldiniFreeSilviaBaraldiniFreeSilviaBarald
Current thread:
- Re: Linux blind TCP spoofing, act II + others, (continued)
- Re: Linux blind TCP spoofing, act II + others Alan Cox (Aug 06)
- Re: Linux blind TCP spoofing, act II + others Solar Designer (Aug 07)
- IRC: Exploit for a Bug in ircd2.10.x (qident) psychoid () GMX NET (Aug 07)
- FW1 UDP Port 0 DoS Malikai (Aug 09)
- Re: FW1 UDP Port 0 DoS Malikai (Aug 09)
- Re: Linux blind TCP spoofing, act II + others Alan Cox (Aug 06)
- Re: Linux blind TCP spoofing, act II + others Salvatore Sanfilippo -antirez- (Aug 06)
- Re: Linux blind TCP spoofing, act II + others Theo de Raadt (Aug 07)
- Please pass the word: RAID registration deadlines! Gene Spafford (Aug 06)
- Crash FrontPage Remotely... Narr0w (Aug 07)
- Re: Linux blind TCP spoofing, act II + others David Wagner (Aug 07)
- Re: Linux blind TCP spoofing, act II + others Salvatore Sanfilippo -antirez- (Aug 09)