Graphing Randomness in TCP Initial Sequence Numbers
Saint Aardvark writes "This is neat: Graphic visualization of how random TCP Initial Sequence Numbers really are for different OSs. It's a great way of seeing how secure a TCP stack really is. Cisco IOS is great; OS9, OpenVMS and IRIX aren't. Posted to the ever-lovin' BugTraq mailing list." This is a follow-up to the previous report.
I find it interesting (Score:1, Interesting)
(To those tempted to reply that "they know it's secure", I'd like to point out that assumed security without testing is exactly what keeps getting MS in trouble)
Re:Previously posted.... (Score:2, Interesting)
But it is still a nice article, illustrating Knuth's advice simply to plot random numbers to visually quickly judge the quality of a pseudo random number generator.
tc/ip (Score:0, Interesting)
Any hw based ISN generators? (Score:4, Interesting)
Re:Understanding Randomness (Score:5, Interesting)
Cost: less than one dollar.
What about home router sequence numbers? (Score:1, Interesting)
RFC 1948 (Score:3, Interesting)
The idea is to add a bias to the sequence numbers that depends on the source address. A client will be able to predict his own sequence numbers but not the sequence numbers of others. The bias is calculated using a cryptographic hash of the connection ID and a secret value.
A TCP implementation that uses RFC 1948 may still get a very poor rating for initial sequence number predictability from tools like nmap.
Does anyone know any TCP stack that actually implements it?
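The scheme described in the RFC 1948 comment above, as an added sketch that is not part of the original thread or any real TCP stack: ISN = M + F(connection ID, secret), with M a 4-microsecond clock. Assumptions: SHA-256 stands in for the MD5 the RFC suggests, and the addresses, ports and secret are constructed sample values. For a fixed connection ID the ISNs advance with the clock alone, while the offset between two clients depends on the secret.

```python
import hashlib
import ipaddress
import struct

MASK32 = 0xFFFFFFFF

def conn_offset(secret, laddr, lport, raddr, rport):
    """F(): hash of the connection ID plus a secret, truncated to 32 bits."""
    conn_id = (ipaddress.ip_address(laddr).packed + struct.pack("!H", lport) +
               ipaddress.ip_address(raddr).packed + struct.pack("!H", rport))
    digest = hashlib.sha256(conn_id + secret).digest()  # RFC suggests MD5
    return struct.unpack("!I", digest[:4])[0]

def clock_m(now_us):
    """M: 32-bit counter that ticks once every 4 microseconds."""
    return (now_us // 4) & MASK32

def isn(secret, laddr, lport, raddr, rport, now_us):
    """RFC 1948 style ISN: clock value plus per-connection offset."""
    return (clock_m(now_us) +
            conn_offset(secret, laddr, lport, raddr, rport)) & MASK32

def deltas(samples):
    """Differences between consecutive ISNs, modulo 2**32."""
    return [(b - a) & MASK32 for a, b in zip(samples, samples[1:])]

def demo():
    secret = b"constructed-demo-secret"        # constructed sample value
    server = ("192.0.2.10", 80)                # documentation address
    times = [1_000_000 + i * 10_000 for i in range(5)]  # one probe per 10 ms
    # Two clients, each reusing one connection ID for every probe.
    same = [isn(secret, *server, "198.51.100.7", 40000, t) for t in times]
    other = [isn(secret, *server, "203.0.113.9", 40000, t) for t in times]
    # Within one connection ID the steps are pure clock: 10 ms / 4 us = 2500.
    # Across clients the gap is F(other) - F(same), unknown without the secret.
    return deltas(same), deltas(other), (other[0] - same[0]) & MASK32

if __name__ == "__main__":
    d_same, d_other, gap = demo()
    print("deltas, client A:", d_same)
    print("deltas, client B:", d_other)
    print("offset between clients: 0x%08x" % gap)
```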