Summary: | New tcp initial send sequence number code | ||||||
---|---|---|---|---|---|---|---|
Product: | Base System | Reporter: | Craig Leres <leres> | ||||
Component: | kern | Assignee: | freebsd-bugs (Nobody) <bugs> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Only Me | CC: | leres | ||||
Priority: | Normal | ||||||
Version: | 2.2.2-RELEASE | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Craig Leres
1997-07-24 00:50:01 UTC
<<On Wed, 23 Jul 1997 16:49:14 -0700 (PDT), leres@ee.lbl.gov (Craig Leres) said: > The following context diffs use a 32 bit random number that > is based on a seed that is not externally visible. (See > the comments in tcp_new_iss() for a more detailed explaination.) > While this version does technically violate the spec, it > doesn't do so in a manner that will impact any current or > future implementation. (We've been running a version of > this code on our SunOS 4 systems since the early days of > ip spoofing.) If you go to this extreme, you might as well just use the in-kernel secure random number generator instead. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick State Changed From-To: open->feedback I will close this instead with a proper close message. State Changed From-To: feedback->closed This has been made stronger in 2.2-STABEL, 3-STABEL, 4-STABEL and current. From the cvs log: Revision 1.81 / (download) - annotate - [select for diffs], Fri Sep 29 01:37:19 2000 UTC (4 weeks ago) by kris Branch: MAIN Changes since 1.80: +2 -2 lines Diff to previous 1.80 (unified) Use stronger random number generation for TCP_ISSINCR and tcp_iss. Reviewed by: peter, jlemon MARKED AS SPAM |