Slashdot Mirror

← Back to Stories (view on slashdot.org)

Graphing Randomness in TCP Initial Sequence Numbers

Posted by michael on from the winning-lottery-numbers-in-there-somewhere dept.

Saint Aardvark writes "This is neat: Graphic visualization of how random TCP Initial Sequence Numbers really are for different OSs. It's a great way of seeing how secure a TCP stack really is. Cisco IOS is great; OS9, OpenVMS and IRIX aren't. Posted to the ever-lovin' BugTraq mailing list." This is a follow-up to the previous report.

4 of 145 comments (clear)

  1. Original report by Caine · · Score: 5, Informative

    Original report here:

    http://razor.bindview.com/publish/papers/tcpseq.ht ml

  2. Comment removed by account_deleted · · Score: 4, Informative

    Comment removed based on user account deletion

  3. Re:Um, Why no Linux in the report by Clover_Kicker · · Score: 5, Informative
    >Why isn't Linux tested in the report? Its
    >certainly more common than many of the other
    >selections.
    >
    >Should we assume Linux matches *BSD or some other
    >flavor? or do I need to read more carefully :-)

    You need to read more carefully.


    In this section, we review a number of operating systems that were either identified as not satisfactory in the original publication, or were not covered by our research at the time. Several systems, such as Linux, use the same, satisfactory ISN generator as the one used a year ago, and because of that, are not covered here in any more detail.
  4. Re:Linux?? by raynet · · Score: 4, Informative

    If you read the article is says:

    3. New evidence In this section, we review a number of operating systems that were either identified as not satisfactory in the original publication, or were not covered by our research at the time. Several systems, such as Linux, use the same, satisfactory ISN generator as the one used a year ago, and because of that, are not covered here in any more detail.
    --
    - Raynet --> .