
Graphing Randomness in TCP Initial Sequence Numbers

Posted by michael
from the winning-lottery-numbers-in-there-somewhere dept.
Saint Aardvark writes "This is neat: Graphic visualization of how random TCP Initial Sequence Numbers really are for different OSs. It's a great way of seeing how secure a TCP stack really is. Cisco IOS is great; OS9, OpenVMS and IRIX aren't. Posted to the ever-lovin' BugTraq mailing list." This is a follow-up to the previous report.

  • by PhysicsGenius (565228) <physics_seeker@yahooELIOT.com minus poet> on Wednesday September 11, 2002 @08:23AM (#4236134)
    that Linux is apparently beneath their contempt. Do they know something we don't know?

    (To those tempted to reply that "they know it's secure", I'd like to point out that assumed security without testing is exactly what keeps getting MS in trouble)

  • by mvw (2916) on Wednesday September 11, 2002 @08:34AM (#4236178) Journal
    Hm, I am not 100% sure, but isn't this the third time this article was featured on Slashdot?

    But it is still a nice article, illustrating Knuth's advice simply to plot random numbers to visually quickly judge the quality of a pseudo random number generator.

  • tc/ip (Score:0, Interesting)

    by Anonymous Coward on Wednesday September 11, 2002 @08:45AM (#4236220)
    Question: how can you tell a TCP/IP stack is from Windows versus Linux?
  • by ch-chuck (9622) on Wednesday September 11, 2002 @09:21AM (#4236410) Homepage
    't be cool to have a board with a bit of radioactive alpha source and a counter to make genuine random numbers. Like this [fourmilab.ch], or, ha, here's [std.com] one (3rd from the top) that proposes using disk drive air turbulence to generate random numbers!
  • by thomasj (36355) on Wednesday September 11, 2002 @09:40AM (#4236602) Homepage
    Let's face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself [...]
    The funny thing is that it is really easy to construct a randomness hardware device. A zener diode can generate a lot of white noise just below its saturation point, so a circuit like this will do the trick:
    12V
    |
    R1
    |
    +-Z-/
    |
    R2
    |
    +-C1-/
    |
    C2
    |
    +-R3-/
    |
    SchmittTrigger-/
    |
    Out
    For some reasonable values of the resistors and capacitors this would give a constant flow of ones and zeros that comes right out of the blue air (funny enough literally speaking) with more entropy than we will ever need.

    Cost: less than one dollar.

  • by Anonymous Coward on Wednesday September 11, 2002 @10:02AM (#4236827)
    What about LinkSys, Netgear, SMC, Assante, DLink and other home routers? How good are their sequence numbers?
  • RFC 1948 (Score:3, Interesting)

    by XNormal (8617) on Wednesday September 11, 2002 @03:01PM (#4239427) Homepage
    A TCP implementation that generates initial sequence numbers using a trivial time dependency may be secure against sequence number guessing attacks if it implements RFC 1948 [ietf.org].

    The idea is to add a bias to the sequence numbers that depends on the source address. A client will be able to predict his own sequence numbers but not the sequence numbers of others. The bias is calculated using a cryptographic hash of the connection ID and a secret value.

    A TCP implementation that uses RFC 1948 may still get a very poor rating for initial sequence number predictability from tools like nmap.

    Does anyone know any TCP stack that actually implements it?
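
The scheme described in the RFC 1948 comment above, as an added sketch that is not part of the original thread or any real stack's code: ISN = M + F(connection ID, secret), where M is a plain 4-microsecond timer. HMAC-SHA256 stands in for the hash, and the secret, addresses and function names are constructed for illustration. It shows that one connection ID sees only the timer (fully predictable deltas), while another source address lands at an offset that cannot be computed without the secret.

```python
import hashlib
import hmac
import socket
import struct

MASK32 = 0xFFFFFFFF
SECRET = b"constructed-demo-secret"  # assumption: a real stack would use a random per-boot secret

def timer_m(now_us):
    """M: 32-bit counter that ticks once every 4 microseconds."""
    return (now_us // 4) & MASK32

def conn_offset(src_ip, src_port, dst_ip, dst_port, secret=SECRET):
    """F(connection ID, secret): keyed hash of the 4-tuple, truncated to 32 bits."""
    conn_id = (socket.inet_aton(src_ip) + struct.pack("!H", src_port) +
               socket.inet_aton(dst_ip) + struct.pack("!H", dst_port))
    digest = hmac.new(secret, conn_id, hashlib.sha256).digest()
    return struct.unpack("!I", digest[:4])[0]

def isn(now_us, src_ip, src_port, dst_ip, dst_port, secret=SECRET):
    """ISN = M + F(...), modulo 2^32."""
    return (timer_m(now_us) + conn_offset(src_ip, src_port, dst_ip, dst_port, secret)) & MASK32

def deltas(samples):
    """Differences between consecutive ISNs, with 32-bit wraparound."""
    return [(b - a) & MASK32 for a, b in zip(samples, samples[1:])]

def demo():
    server = ("198.51.100.7", 80)  # constructed addresses from documentation ranges
    times = [1_000_000 + i * 1000 for i in range(4)]  # one sample per millisecond
    own = [isn(t, "192.0.2.10", 40000, *server) for t in times]
    other = [isn(t, "192.0.2.99", 40000, *server) for t in times]
    # own: what a client observes for its own connection ID
    # gap: distance to another source address's sequence space at the same instant
    return deltas(own), (other[0] - own[0]) & MASK32

if __name__ == "__main__":
    own_deltas, gap = demo()
    print("deltas seen by one connection ID:", own_deltas)
    print("offset to a different source address: 0x%08x" % gap)
```
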
