From: "David S. Miller" <davem@redhat.com>
To: "Jörn Engel" <joern@wohnheim.fh-wedel.de>
Cc: cfriesen@nortelnetworks.com, netdev@oss.sgi.com,
linux-kernel@vger.kernel.org
Subject: Re: tcp vulnerability? haven't seen anything on it here...
Date: Wed, 21 Apr 2004 13:20:47 -0700 [thread overview]
Message-ID: <20040421132047.026ab7f2.davem@redhat.com> (raw)
In-Reply-To: <20040421170340.GB24201@wohnheim.fh-wedel.de>
On Wed, 21 Apr 2004 19:03:40 +0200
Jörn Engel <joern@wohnheim.fh-wedel.de> wrote:
> Heise.de made it appear, as if the only news was that with tcp
> windows, the propability of guessing the right sequence number is not
> 1:2^32 but something smaller. They said that 64k packets would be
> enough, so guess what the window will be.
Yes, that is their major discovery. You need to guess the ports
and source/destination addresses as well, which is why I don't
consider this such a serious issue personally.
It is mitigated if timestamps are enabled, because that becomes
another number you have to guess.
It is mitigated also by randomized ephemeral port selection, which
OpenBSD implements and we could easily implement as well.
I'm very happy that OpenBSD checked in a fix for this a week or so
ago and took some of the thunder out of this bogusly hyped announcement.
next prev parent reply other threads:[~2004-04-21 20:20 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-21 15:25 tcp vulnerability? haven't seen anything on it here Chris Friesen
2004-04-21 16:02 ` Richard B. Johnson
2004-04-21 16:25 ` Chris Friesen
2004-04-21 17:03 ` Jörn Engel
2004-04-21 20:20 ` David S. Miller [this message]
2004-04-22 0:45 ` James Morris
2004-04-22 5:04 ` Willy Tarreau
2004-04-22 8:23 ` Giuliano Pochini
2004-04-22 11:35 ` Richard B. Johnson
2004-04-22 13:17 ` Willy Tarreau
2004-04-22 13:42 ` Richard B. Johnson
2004-04-22 14:18 ` Willy Tarreau
2004-04-22 20:25 ` Richard B. Johnson
2004-04-22 21:08 ` Willy Tarreau
2004-04-22 18:28 ` David S. Miller
2004-04-22 13:22 ` jamal
2004-04-22 13:46 ` Giuliano Pochini
2004-04-22 14:27 ` jamal
2004-04-22 14:37 ` alex
2004-04-22 15:17 ` jamal
2004-04-22 15:27 ` alex
2004-04-22 17:38 ` Horst von Brand
2004-04-22 21:15 ` Florian Weimer
2004-04-22 15:42 ` Chris Friesen
2004-04-22 15:47 ` alex
2004-04-23 10:31 ` Florian Weimer
2004-04-22 13:58 ` Florian Weimer
2004-04-23 13:55 ` Florian Weimer
2004-04-23 14:15 ` alex
2004-04-23 14:25 ` jamal
2004-04-22 20:01 ` Ranjeet Shetye
2004-04-22 21:26 ` Sridhar Samudrala
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040421132047.026ab7f2.davem@redhat.com \
--to=davem@redhat.com \
--cc=cfriesen@nortelnetworks.com \
--cc=joern@wohnheim.fh-wedel.de \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).