
Re: tcp vulnerability? haven't seen anything on it here...

To: "David S. Miller" <davem@xxxxxxxxxx>
Subject: Re: tcp vulnerability? haven't seen anything on it here...
From: James Morris <jmorris@xxxxxxxxxx>
Date: Wed, 21 Apr 2004 20:45:42 -0400 (EDT)
Cc: Jörn Engel <joern@xxxxxxxxxxxxxxxxxxxx>, <cfriesen@xxxxxxxxxxxxxxxxxx>, <netdev@xxxxxxxxxxx>, <linux-kernel@xxxxxxxxxxxxxxx>
In-reply-to: <20040421132047.026ab7f2.davem@redhat.com>
Sender: netdev-bounce@xxxxxxxxxxx

On Wed, 21 Apr 2004, David S. Miller wrote:

> On Wed, 21 Apr 2004 19:03:40 +0200
> Jörn Engel <joern@xxxxxxxxxxxxxxxxxxxx> wrote:
> 
> > Heise.de made it appear, as if the only news was that with tcp
> > windows, the probability of guessing the right sequence number is not
> > 1:2^32 but something smaller.  They said that 64k packets would be
> > enough, so guess what the window will be.
> 
> Yes, that is their major discovery.  You need to guess the ports
> and source/destination addresses as well, which is why I don't
> consider this such a serious issue personally.
>
> It is mitigated if timestamps are enabled, because that becomes
> another number you have to guess.
> 
> It is mitigated also by randomized ephemeral port selection, which
> OpenBSD implements and we could easily implement as well.

What about the techniques mentioned in
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt ?

Curiously there is no mention of port guessing or timestamps there.


- James
-- 
James Morris
<jmorris@xxxxxxxxxx>
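
The window arithmetic behind the "64k packets" figure quoted above, and the effect of an unknown ephemeral port on that count, as an added example (not code from this thread or from the kernel). The function names, the 64k window and the port-range size are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* RFC 793 acceptability test for a zero-length segment (such as a RST)
 * against a non-zero window: RCV.NXT <= SEG.SEQ < RCV.NXT + RCV.WND,
 * evaluated modulo 2^32 so it stays correct across wraparound. */
static int seq_in_window(uint32_t seg_seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return (uint32_t)(seg_seq - rcv_nxt) < rcv_wnd;
}

/* Worst-case number of blind guesses, spaced one window apart, needed to
 * land in the window when addresses and ports are known: ceil(2^32 / wnd). */
static uint64_t worst_case_guesses(uint32_t rcv_wnd)
{
    return rcv_wnd ? ((1ULL << 32) + rcv_wnd - 1) / rcv_wnd : 0;
}

/* Same bound when the ephemeral port is also unknown and drawn from
 * candidate_ports possibilities (hypothetical parameter). */
static uint64_t worst_case_with_ports(uint32_t rcv_wnd, uint32_t candidate_ports)
{
    return worst_case_guesses(rcv_wnd) * candidate_ports;
}

/* Walk the sequence space in window-sized strides and count the values
 * checked until one passes seq_in_window(); 0 means none did. */
static uint64_t sweep_until_accepted(uint32_t first, uint32_t rcv_nxt,
                                     uint32_t rcv_wnd)
{
    uint64_t limit = worst_case_guesses(rcv_wnd);
    uint32_t guess = first;

    for (uint64_t tried = 1; tried <= limit; tried++) {
        if (seq_in_window(guess, rcv_nxt, rcv_wnd))
            return tried;
        guess += rcv_wnd;            /* wraps modulo 2^32 */
    }
    return 0;
}

int main(void)
{
    uint32_t wnd = 65536;            /* constructed sample: 64k window */
    uint32_t ports = 16384;          /* constructed sample port-range size */

    printf("window only:    %llu guesses\n",
           (unsigned long long)sweep_until_accepted(0, 0xFFFF0000u, wnd));
    printf("window + ports: %llu guesses\n",
           (unsigned long long)worst_case_with_ports(wnd, ports));
    return 0;
}
```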