Security Incidents mailing list archives
RE: CRv2 - Questions
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Mon, 23 Jul 2001 15:31:49 -0400 (EDT)
On Mon, 23 Jul 2001, The Death wrote:
You are right, i did not notice that the total number is covering the entire possible 32-bit positions (therefore, all IPs). In any case, this IS considered a PRNG, it is just that the seeding configurations (using static seeds and not random seeds) break the security, and bring it to a level of a simple, known, list.
i intended to do this analysis of 'randb', the class b PRNG used in ramen and its cousins. never got around to it, happy to see that someone else has looked at CR's PRNG. (ie warn the networks which are most likely to show up as targets based on the output of the PRNG.) however, the fact that it hit *all* values of 2^32 suggests it probably, like ramen did, screwed with the multicast networks. ie the traffic storms were massive. any word from you mcast people on the fallout from CR? ____________________________ jose nazario jose () cwru edu PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- CRv2 - Questions The Death (Jul 21)
- Re: CRv2 - Questions Nick FitzGerald (Jul 22)
- RE: CRv2 - Questions The Death (Jul 22)
- Re: CRv2 - Questions Steffen Dettmer (Jul 23)
- RE: CRv2 - Questions The Death (Jul 23)
- RE: CRv2 - Questions Jose Nazario (Jul 23)
- Re: CRv2 - Questions Ronald Tse (Jul 24)
- RE: CRv2 - Questions The Death (Jul 24)
- RE: CRv2 - Questions The Death (Jul 22)
- Re: CRv2 - Questions Nick FitzGerald (Jul 22)