Bug 4153 - New tcp initial send sequence number code
Summary: New tcp initial send sequence number code
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: 2.2.2-RELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: FreeBSD bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 1997-07-24 00:50 UTC by leres
Modified: 2000-10-27 21:54 UTC

See Also:


Attachments
file.diff (5.41 KB, patch)
1997-07-24 00:50 UTC, leres

Description leres 1997-07-24 00:50:01 UTC
	The tcp iss number chosen by the 2.2.2-RELEASE kernel, while
	an improvement over the constant increment version, is
	still guessable. Although random() is used, the seed is
	not updated and so the pseudo random number sequence is
	essentially published.

Fix: The following context diffs use a 32 bit random number that
	is based on a seed that is not externally visible. (See
	the comments in tcp_new_iss() for a more detailed explanation.)
	While this version does technically violate the spec, it
	doesn't do so in a manner that will impact any current or
	future implementation. (We've been running a version of
	this code on our SunOS 4 systems since the early days of
	ip spoofing.)

+ rcsdiff -c tcp_input.c
RCS file: RCS/tcp_input.c,v
retrieving revision 1.2
How-To-Repeat: 
	While we haven't actually written the test program that
	guesses the next iss, given access to the kernel source it
	is only an exercise.
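As an added illustration (not code from this report or from FreeBSD), the following C program models the property the report is about: an ISS generator built on random() with a seed that is never refreshed produces the same sequence after every "boot", whereas one fed from an entropy source does not. The fixed seed value, the /dev/urandom stand-in for the in-kernel secure generator, and the sample count are assumptions of the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Weak model (constructed, not the FreeBSD code): the kernel seeds random()
 * once with a constant and never reseeds, so the ISS sequence is the public
 * PRNG stream. Any constant seed has the same problem; 1 is an assumption. */
#define WEAK_FIXED_SEED 1UL
#define SAMPLES 8

static void weak_boot(void) { srandom(WEAK_FIXED_SEED); }
static uint32_t weak_iss(void) { return (uint32_t)random(); }

/* Strong model: ISS taken from kernel-quality entropy. /dev/urandom stands
 * in here for the in-kernel secure generator suggested in the thread. */
static uint32_t strong_iss(void) {
    uint32_t v = 0;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL || fread(&v, sizeof v, 1, f) != 1) {
        if (f) fclose(f);
        abort();            /* no entropy source: refuse to hand out an ISS */
    }
    fclose(f);
    return v;
}

/* Defender's check: simulate two boots, draw SAMPLES initial sequence
 * numbers after each, and report 1 if the two runs are identical (the
 * generator is reproducible, hence guessable) or 0 if they differ.
 * boot may be NULL for a generator that keeps no reseedable state. */
int iss_sequence_reproducible(void (*boot)(void), uint32_t (*next)(void)) {
    uint32_t a[SAMPLES], b[SAMPLES];
    if (boot) boot();
    for (int i = 0; i < SAMPLES; i++) a[i] = next();
    if (boot) boot();
    for (int i = 0; i < SAMPLES; i++) b[i] = next();
    return memcmp(a, b, sizeof a) == 0;
}

int main(void) {
    printf("fixed-seed random() ISS reproducible across boots: %d\n",
           iss_sequence_reproducible(weak_boot, weak_iss));
    printf("entropy-based ISS reproducible across boots:       %d\n",
           iss_sequence_reproducible(NULL, strong_iss));
    return 0;
}
```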
Comment 1 wollman 1997-07-24 03:22:59 UTC
<<On Wed, 23 Jul 1997 16:49:14 -0700 (PDT), leres@ee.lbl.gov (Craig Leres) said:

> 	The following context diffs use a 32 bit random number that
> 	is based on a seed that is not externally visible. (See
> 	the comments in tcp_new_iss() for a more detailed explanation.)
> 	While this version does technically violate the spec, it
> 	doesn't do so in a manner that will impact any current or
> 	future implementation. (We've been running a version of
> 	this code on our SunOS 4 systems since the early days of
> 	ip spoofing.)

If you go to this extreme, you might as well just use the in-kernel
secure random number generator instead.

-GAWollman

--
Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
wollman@lcs.mit.edu  | O Siem / The fires of freedom 
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick
Comment 2 johan freebsd_committer 2000-10-27 21:51:28 UTC
State Changed
From-To: open->feedback

I will close this instead with a proper close message.
Comment 3 johan freebsd_committer 2000-10-27 21:52:35 UTC
State Changed
From-To: feedback->closed

This has been made stronger in 2.2-STABLE, 3-STABLE, 4-STABLE and current.

From the cvs log: 
Revision 1.81, Fri Sep 29 01:37:19 2000 UTC by kris
Branch: MAIN
Changes since 1.80: +2 -2 lines

Use stronger random number generation for TCP_ISSINCR and tcp_iss. 

Reviewed by:    peter, jlemon