Slashdot Mirror


Graphing Randomness in TCP Initial Sequence Numbers

Saint Aardvark writes "This is neat: Graphic visualization of how random TCP Initial Sequence Numbers really are for different OSs. It's a great way of seeing how secure a TCP stack really is. Cisco IOS is great; OS9, OpenVMS and IRIX aren't. Posted to the ever-lovin' BugTraq mailing list." This is a follow-up to the previous report.


  1. Any hw based ISN generators? by ch-chuck · · Score: 4, Interesting

    't be cool to have a board with a bit of radioactive alpha source and a counter to make genuine random numbers. Like this, or, ha, here's one (3rd from the top) that proposes using disk drive air turbulence to generate random numbers!

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
  2. Re:Understanding Randomness by thomasj · · Score: 5, Interesting
    Let's face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself [...]
    The funny thing is, that it is really easy to construct a randomness hardware device. A zener diode can generate a lot of white noise just below its saturation point, so a circuit like this will do the trick:
    12V
    |
    R1
    |
    +-Z-/
    |
    R2
    |
    +-C1-/
    |
    C2
    |
    +-R3-/
    |
    SchmidtTrigger-/
    |
    Out
    For some reasonable values of the resistors and capacitors this would give a constant flow of ones and zeros that comes right out of the blue air (funny enough literally speaking) with more entropy than we will ever need.

    Cost: less than one dollar.

    --
    :-) = I am happy
    :^) = I am happy with my big nose
    C:\> = I am happy with my OS
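
Added example, not part of either comment or of the linked analysis: a sketch of how sampled output from a noise circuit like the one above could be checked and debiased before it feeds something like an ISN generator. The bit stream here is simulated (constructed, with an assumed 70% bias toward 1 standing in for an off-centre trigger threshold), and all function names are hypothetical.

```python
import math
import random

def simulate_comparator_bits(n, p_one, seed=1):
    """Constructed stand-in for sampled Schmitt-trigger output: independent
    bits that are 1 with probability p_one (threshold not centred on the noise)."""
    rng = random.Random(seed)  # simulation only, never a source of key material
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def ones_fraction(bits):
    """Fraction of samples that are 1; 0.5 for an unbiased source."""
    return sum(bits) / len(bits)

def min_entropy_per_bit(bits):
    """Min-entropy estimate from the most likely symbol, assuming independent bits."""
    p = ones_fraction(bits)
    return -math.log2(max(p, 1.0 - p))

def lag1_correlation(bits):
    """Serial correlation between neighbouring samples. A value far from 0 means
    the samples are not independent and von Neumann debiasing is not valid."""
    mean = ones_fraction(bits)
    var = sum((b - mean) ** 2 for b in bits)
    cov = sum((a - mean) * (b - mean) for a, b in zip(bits, bits[1:]))
    return cov / var if var else 1.0  # a constant stream counts as fully correlated

def von_neumann(bits):
    """Debias using non-overlapping pairs: 01 -> 0, 10 -> 1, discard 00 and 11."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]

if __name__ == "__main__":
    raw = simulate_comparator_bits(20000, p_one=0.7)
    out = von_neumann(raw)
    print(f"raw: ones={ones_fraction(raw):.3f} "
          f"min-entropy/bit={min_entropy_per_bit(raw):.3f} "
          f"lag-1 corr={lag1_correlation(raw):+.3f}")
    print(f"debiased: kept {len(out)} of {len(raw)} bits, "
          f"ones={ones_fraction(out):.3f} "
          f"min-entropy/bit={min_entropy_per_bit(out):.3f}")
```

The debiasing step discards most of the input, and it only removes bias when successive samples are independent, which is why the lag-1 check runs on the raw stream first.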