Thread: 27 messages, 12 authors, 2004-04-23

Re: tcp vulnerability? haven't seen anything on it here...

From: James Morris <hidden>
Date: 2004-04-22 00:51:55
Also in: lkml

On Wed, 21 Apr 2004, David S. Miller wrote:

> On Wed, 21 Apr 2004 19:03:40 +0200
> Jörn Engel [off-list ref] wrote:
>
> > Heise.de made it appear, as if the only news was that with tcp
> > windows, the probability of guessing the right sequence number is not
> > 1:2^32 but something smaller.  They said that 64k packets would be
> > enough, so guess what the window will be.
>
> Yes, that is their major discovery.  You need to guess the ports
> and source/destination addresses as well, which is why I don't
> consider this such a serious issue personally.
>
> It is mitigated if timestamps are enabled, because that becomes
> another number you have to guess.
>
> It is mitigated also by randomized ephemeral port selection, which
> OpenBSD implements and we could easily implement as well.

What about the techniques mentioned in
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt ?

Curiously there is no mention of port guessing or timestamps there.


- James
-- 
James Morris
[off-list ref]
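
The window arithmetic discussed in this message, worked through as an added example (not code from the thread or from the kernel). It models only the receive window and the port choice; the function names, the 64 KiB window and the 32768-61000 port range are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* RFC 793 acceptability test for a zero-length segment such as a RST:
 * RCV.NXT <= SEG.SEQ < RCV.NXT + RCV.WND, evaluated modulo 2^32. */
static int seq_in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* Guesses spaced one window apart that cover the whole 32-bit sequence
 * space: ceil(2^32 / rcv_wnd). rcv_wnd must be non-zero. */
static uint64_t seq_guesses(uint32_t rcv_wnd)
{
    return ((1ULL << 32) + rcv_wnd - 1) / rcv_wnd;
}

/* Guess space when the ephemeral port is also unknown and is drawn
 * uniformly from port_candidates values (randomized port selection). */
static uint64_t total_guesses(uint32_t rcv_wnd, uint32_t port_candidates)
{
    return seq_guesses(rcv_wnd) * port_candidates;
}

/* Check the bound: count how many of those evenly spaced values pass the
 * window test for a given RCV.NXT. At least one always does. */
static unsigned accepted_count(uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    unsigned hits = 0;
    for (uint64_t i = 0; i < seq_guesses(rcv_wnd); i++)
        hits += seq_in_window((uint32_t)(i * rcv_wnd), rcv_nxt, rcv_wnd);
    return hits;
}

int main(void)
{
    /* Constructed values: 64 KiB window, 28233 candidate ports
     * (assumed range 32768-61000), arbitrary RCV.NXT. */
    printf("sequence only   : %llu\n", (unsigned long long)seq_guesses(65536));
    printf("with random port: %llu\n", (unsigned long long)total_guesses(65536, 28233));
    printf("accepted        : %u\n", accepted_count(0x12345678u, 65536));
    return 0;
}
```

With a 64 KiB window the sequence-only figure is the "64k packets" quoted above, and an unpredictable port multiplies it by the size of the port range.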