Slashdot Mirror
Graphing Randomness in TCP Initial Sequence Numbers
Saint Aardvark writes "This is neat: Graphic visualization of how random TCP Initial Sequence Numbers really are for different OSs. It's a great way of seeing how secure a TCP stack really is. Cisco IOS is great; OS9, OpenVMS and IRIX aren't. Posted to the ever-lovin' BugTraq mailing list." This is a follow-up to the previous report.
at /..
Most of you will know about this from a previous post of mine, however for full details on this story check this out
I piss on Mecca. I menstruate on the Koran. I shit on Mohammed.BR
He must be running a server with no tcp stack. heh.
The paper talks about a n-dimensional space, but only looks at the 3-dimensional case. It is totaly possible that the picture looks different at other dimensions (even at two), and spoofing works better when you use that as a basis. Which of course doesn't make the others more secure should they have better results at other dimensions - the worst case is still the worst case.
Comment removed based on user account deletion
It amazes me that so many allegedly "educated" people have allowed themselves to be so swiftly deluded by a fraudulent fabrication of such ridiculous proportions. The very idea that not one, but two jumbo jets would crash themselves into a famous New York skyscraper -- in broad daylight with vigilant air-traffic controllers and tight airport security watching every move of every craft in the air -- is laughable. Furthermore, it is a horrendous affront to the world-renowned intellect and common sense of the American people. The fact that anyone could actually believe this is evidence that the Liberals -- after decades of waging war against intellectual integrity and honesty -- have finally ripped the few remaining, tenuous strands of control of our educational system from full-blooded, hard-working, God-fearing Americans.
As such wonderful documentaries as The Siege have so articulately exposed, the Liberal masterminds in Berkeley and their toadies throughout the nation have been silently waging war against the American people and their God-given rights to protect themselves, their worship, their family values, and their hard work. Much of this has been conducted under the guise of preventing "terrorism", a meaningless word engineered by radical left-wingers specifically to bring fear into the heart of honest Americans. Think about it -- can you remember any reference to so-called "terrorism" that occurred before Liberals invaded our government offices in the last decade? Of course you can't, because despite whatever the revisionist histories may tell you, there is no mention of any "terrorism" in classic literature before 1980. Only then did the neo-Marxists invent such absurd figures as Timothy McVeigh and Osama Bin Laden in order to legitimize their anti-freedom agenda, drowning the spirit of the American people in a blatantly-engineered machine of fear and mourning for "victims" of these "terrorist attacks".
In fact, it should be incredibly obvious that the concept of a 110-story building even being built, much less two, is a clear and obvious fraud. No documentation of these "twin towers" existed before a "terrorist attack" occured on the previously-nonexistent pair of skyscrapers on September the 11th. Due to this hoax being perpetrated by the Liberal-controlled media, suddenly people all over the world mourned the loss of thousands of people who had not existed before. Innocent men and women, brainwashed by the left-wing education institutions, gave firsthand accounts of losing relatives they never had until the "attack" happened.
But the most outrageous aspect of this hoax is the "Pentagon" -- a government office fabricated especially for this purpose. Liberal media claims this imaginary building to be "the center of America's defense system", although obviously an organization as proud and God-fearing as the United States Military would never think to station themselves in a building of five sides, so obviously close to the pentagram, mark of Lucifer himself. It is insulting to the nation's intelligence that eight hundred members of the world's proudest institution would be made to meet their Lord by something as graceful, efficient, and secure as our country's fine aviation system.
Don't let the devious tricks of the Liberals allow you, a citizen of the greatest nation this Earth has ever or will ever know, to surrender your freedoms. Any lesser nation would have succumbed to their wills long ago, and indeed the socialist states in Europe already have. It is only the superior resilience, pride, and intellect of America that has allowed it to withstand the constant threat of Liberal control.
subject sais it all, don't look while eating
I propose a new flag in the standard TCP/IP packet. We shall call this the Slashdot Flag. The general purpose of this flag is to state whether or not the bandwidth limits of the server can handle the requirements a Slashdot posting can impose. If the flag is set false, Slashcode will automatically generate numerous, random, 'this page has been slashdotted' posts requesting a link to a mirror.
That being said, the page *is* finally loading up so I'm going to go look at some pictures now.
tinfoilmedia
A similar story which I found on Google can be found here. I don't think it is as spectacular as some things I've looked at (think goatse.. :-) ), but it'll be an eye-opener for those interested in TCP, and stacks in general.
Is this a record, can we run a book on how quickly we can /. microsoft
heh
Bullsh*t, you troll. You haven't even read the page, I'll bet.
Original report here:
t ml
http://razor.bindview.com/publish/papers/tcpseq.h
(To those tempted to reply that "they know it's secure", I'd like to point out that assumed security without testing is exactly what keeps getting MS in trouble)
A definition of irony
Contribution by Erpo
Why isn't Linux tested in the report? Its certainly more common than many of the other selections.
:-)
Should we assume Linux matches *BSD or some other flavor? or do I need to read more carefully
this is not a sig
How about GNU/Hurd (I can't see if it's in the graph because of the ./ effect)? Last time I installed it (approximately six months ago) there was no random generation device...
fear my zig!
Comment removed based on user account deletion
Good job, karma whore.
"Please could you violate the site's copyright before posting the story"
although "please use server xxx.xxx as the proxy" for submissions could be a solution
could even set up Apache to do that on a url therefore subtly circumventing the copyright problem, banners could be passed through.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Lets face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself, and the humans that program these computers are almost utterly incapable of perceiving true randomness anyway. I'm waiting for the day when the national lottery comes up 1,2,3,4,5 with a bonus ball of 6. Society will crumble, public enquiries will be called for and conspiracy theorists will have something to bang on about for years. I think that barring the sudden development of Quantum x86 chips (at which point randomness becomes "real" and encryption becomes pretty much unbreakable), the only real solution for decent randomness must surely be TCP/IP seeding based on Lava Lamps
It's too late for me to die young
I like big cars, big guns, big motorcycles, and big tits. I believe the money I make belongs to me and my family, not some mid-level governmental functionary with a bad comb-over who wants to give it away to crack addicts squeezing out babies.
I don't care about appearing compassionate. I think playing with guns doesn't make you a killer. I believe it's called the Boy Scouts for a reason. I think I'm better than the homeless. I don't think being a minority makes you noble or victimized. I don't care if you call me a racist, a homophobe or a misogynist. I am not tolerant of others just because they are different.
I know that no matter how big Jennifer Lopez's ass gets, I'll still want to see it. I don't celebrate Kwanzaa. I believe that if you are selling me a Big Mac, you do it in English. I don't use the excuse "it's for the children" as a shield for unpopular opinions or actions.
I want to know when MTV became such crap. I think getting a hummer is sex, and every man is entitled to at least one extremely sloppy one per month.
I know what the definition of lying is. I think Oprah's eyes are way too far apart. I didn't take the initiative in inventing the Internet.
I want them to bring back safe and sane fireworks.
I believe no one ever died because of something Ozzy Osborne, Ice-T or Marilyn Manson sang. I think that being a student doesn't give you any more enlightenment than working at Blockbuster.
I don't want to eat or drink anything with the words light, lite or fat-free on the package. I believe everyone has a right to pray to his or her God or gods, and they can do it in their schools. I think the Clippers should play in the WNBA.
My heroes are John Wayne, Ronald Reagan, Norman Schwartzkopf, Colin Powell and whoever canceled Dr. Quinn Medicine Woman. I think creative violence and useless nudity and sex makes Iraqis deader and movies more interesting.
I don't hate the rich. I don't pity the poor. I know wrestling is fake, but I still think The Rock could kick my butt. I think global warming is junk science. I've never owned or was a slave, I didn't wander forty years in the desert after getting chased out of Egypt, I haven't burned any witches or been persecuted by the Turks and neither have you, so shut-the-fuck-up already.
Rocky and Bullwinkle still makes me laugh. I think you can respect and admire women while mentally undressing them. I believe a self-righteous liberal with a cause is more dangerous than a Play Station.
I want to know which church is it exactly where the Rev. Jesse Jackson preaches. I think explosions are cool. I don't care where Ellen DeGeneres puts her tongue. I think the cops have every right to shoot your sorry ass if you're running from them. I thought Spinal Tap was great, but Rob Reiner can still kiss my ass.
I worry about dying before I get even.
I like the convenience of buying oranges while I'm waiting at a stoplight, and I'm pretty sure the Latina midget selling them to me is glad she no longer lives in a refrigerator packing carton outside Ensenada.
I figured out Bruce Willis was dead midway through The Sixth Sense but enjoyed it anyway. I think turkey bacon sucks. I want somebody to explain to me exactly why it's wrong to point out that when I watch a freeway chase, I know the losers the police eventually pull out of the car are gonna be gang-banging homies or hispanics.
I believe that it doesn't take a village to raise a child, it takes a parent. I think tattoos and piercings are fine if you want them, but please don't pretend they are a political statement and not a fad. I like hard women, hard liquor and a hard bowel movement first thing in the morning.
I believe you don't have to speak with a lisp to pick out a couch for your living room.
I'll admit that the only movies that ever made me cry was Sands of Iwo Jima and Ole Yeller. I didn't realize Dr. Seuss was a genius until I had a kid. I will not conform or compromise just to keep from hurting somebody's feelings. Making love is fine, but sometimes I just wanna get laid.
I'm neither angry nor disenfranchised, no matter how desperately the mainstream media would like the world to believe otherwise.
YES, I'm a BAD American...... >:-)
Might this be a bit of MS led DNS attack.
This post encoded with ROT26. If you can read it, you've violated the DMCA. Handcuffs please, sergeant.
Question how can you tell tc/ip stack is from windows versus linux?
Is it Microware's OS-9, or Apple Mac OS 9?
http://www.club977.com/ - The 80's Channel!
Your source for commercial free 80's music!
Posting anonymously because I'm not a whore.
Given that the server is slashdotted, here are a few facts about pseudo-random number generators:
Linear Congruential Generators are infamous for certain weaknesses, most notably that n-tuples fall "mainly on the planes": they lie on hyperplanes in higher dimensional space, depending on the additive and multiplicative parameters chosen.
This doesn't mean that they are any worse for cryptography purposes, because even if you choose parameters that aren't as bad, once the generator parameters are determined and a seed is found, the sequence is deterministic.
But, all is not lost. Modern generators often use shuffling techniques, where you keep track of a few dozen numbers at a time, and then pick one number to determine which of the pool to select, and a second number to replace that selected number. Even a poor LCG when accompanied by such a shuffling technique can perform well. Well, not a really poor one--IIRC randu had problems that shuffling would not fix. I believe the gnu lrand48 and friends use this shuffling technique, as well as CMUCL. I suppose this can be even better if you populate the initial pool of numbers from outside the pseudo-random sequence, so that the potential attacker has almost no shot at figuring out what you seeds are, but to scientists who aren't worried about cryptographic purposes, that is counter-productive. I believe that there are some generators that have been proven 'non-invertible'--you can not go backwards in the sequence except by performing brute force search. Whether or not TCP geeks use these is beyond my knowledge.
But, all is still not safe. You have to be careful about how you change your random number into a usable number. Often people use the high-order bits (e.g., they multiply by some number and then round off). This can be a mistake (of course depending on what your generator really is, and what your purposes are).
When I saw it in the Bugtraq mailing list.
Extremely interesting, I'm probably just uninformed, but this has been one of the first examples I've seen where a 3d rendering has been used to express data in a way that makes any sense to me (I am mathematically challenged).
He tried to kill me with a forklift!
It's just a 133mhz netbsd box on a home adsl line though, but I figured the more the merrier.
Realistically, the amount of time to crack a random number generating algorithm is NP which means it increases exponentially with the length of the algorithm. So I suppose you could say that some pseudo-random number generators are theoretically crackable, but if it takes longer than the age of the universe to crack them (which it will for large values of N), that's random enough for practical applications.
But to be abstract, if you define a computer as an universal turing machine, a computer will *never* be able to be non-deterministic, no matter how fast it is or how many instructions it has.
OTOH you can graft randomness into it with such external things as the box I mentioned...And any REAL computer (as opposed to a turing machine) will stuff up occasionally (flip a flipflop to 1 instead of 0, etc.), so maybe this is a bit of nondeterminism?
Why test NextStep? Because he still uses it? It will not and has not been upgraded in about 5 years unless you count Mac OS X as the upgrade (which it is).
If u've read stephen wolfram's "a new kind of science" this is exactly the type of graphical thinking he advocates.
-- -- --
Help my mini cause: My journal
Don't click the link in the story. It's a fake linked to goatse.cx [coredump.cx]
These people should be put behind bars for trying to crack the TCP/IP stack. They have also attacked so many different OS's. Atleast MS should sue them.
't be cool to have a board with a bit of radioactive alpha source and a counter to make genuine random numbers. Like this, or, ha, here's one (3rd from the top) that proposes using disk drive air turbulance to generate random numbers!
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Unless Apple decided to start adding a version number to the version number, I think we can assume it it Microware's OS-9.
Is is just me or was there no Linux graph? Or because it was listed in the previous test?? Even then, they just tested 2.2...
These operating systems were all 100% predictable- why was OpenVMS mentioned as being one of the worst? Frankly, it did poorly for an OS that has always been prsented as an example of great security, but I don't think the obsolete VAX platform represents the typical OpenVMS installation anymore. A test of OpenVMS Alpha would have been more useful. It's possible that there's a difference.
Gamingmuseum.com: Give your 3D accelerator a rest.
...mostly because OpenVMS people tend to think, that 'their' OS is the most secure one on this planet (just like OpenBSD developers do, too).
;-), nmap rating ~10
Compared to Standard-Unices, OpenVMS might offer superior security, mostly because of the privilege model it utilizes instead of giving all-powerful root privileges to many user space applications.
On the other hand, we've got OSs which have much more sophisticated security than OpenVMS.
First, there is IBM's AS/400, which has got a privilege model quite similar in extent to the one used in OpenVMS, but additionally it has object-based design, and therefore object-based security (type enforcement and such...). However, it lacks Mandatory Access Control, TCB, Trusted Path and some other things mostly required by military and/or government environments, and therefore it only achieves a C2 security rating.
And then there are a couple of really secure Trusted Unices/Unix-style OSs, like Trusted Solaris, the Pitbull Addon for Solaris and AIX, Trusted IRIX, or XTS/400.
Just talking about fine-grained privilege controls: Argus' Pitbull has got around 100 privileges, how many privileges are there on an OpenVMS box?
No OS has ever received an A1 security branding. And the only OS which has ever received a B3 security branding, is actually a Trusted Unix Environment, something like a Unix clone with some proprietary security mechanisms built into the kernel (OpenVMS was B1 or maybe B2, iirc).
---
Regarding secure TCP/IP initial sequence number generation, it does not take a Trusted OS to just generate secure sequence numbers.
About two months ago, I compared initial sequence number generation on the following OSs using nmap:
* Windows 95
* Windows ME
* Linux 2.2.x
* Windows 2000 (plain)
* Windows 2000 (with Norton Internet security installed)
* OS/2 Warp Server Advanced 4.0 (default install)
* Sun Solaris 7 x86 (with tcp_strong_iss set to 2)
The results where pretty interesting and also a bit surprising:
Windows 95 was worst (ok, that's not surprising
Then came OS/2, which was not much better, nmap rating ~ 1000
(BTW: does anyone have nmap results from OS/390 or OS/400?)
Even Windows ME was a bit better than OS/2, but still far away from being secure, nmap rating ~ 8000
There was little difference between Win2k with Norton's Firewall (~12000) and Win2k without the Firewall (~15000)
Linux' results were quite good, nmap rating approximately some hundred-thousands or millions
Solaris with tcp_strong_iss set to 2 seemed to offer really strong sequence number generation, so nmap just printed a lot of 9s
---
Additional information:
Here is nmap.
Here is Argus Systems (EAL4 security for Solaris/AIX)
Here is IBM's AS/400
Here is Getronics (B3 secure Unix Environment running Unix and Linux applications)
And finally, here is OpenVMS
What about LinkSys, Netgear, SMC, Assante, DLink and other home routers? How good are their sequence numbers?
Not being well versed in statistics and math in general, I was struck by the resemblance of some of these pictures to images that i've seen of far off galaxy's and star clusters. Could it be that we live in a very high resolution of a randomness graph from some other universe???
You may think that having a duplicate quadruple is unlikely, but that isn't true. The most common quadruples are: your ip, your port just a bit bigger than 1024, your http proxy server ip, port 80.
Using a random local port also helps, though I don't know of systems that do that for TCP.
You are overlooking the fact that most OpenVMS installations use third party TCP/IP stacks, generally Multinet or TCPware from Process Software (the CMU stack being largely defunct now), which do not suffer from this defect. This is largely because the initial implementation of DEC's TCP/IP stack, UCX, was buggy as hell and lacked many features, although it is finally starting to catch up.
Not that it matters much anyway. This predictable ISN weakness only threatens systems configured to trust others based solely upon their IP address (a bad idea). The only ways to crack a properly configured OpenVMS system currently involve (1)physical access to the console, (2) "social hacking" (tricking someone into telling you their password), or (3) packet sniffing for protocols which pass unencrypted passwords such as POP3 and telnet (easily solved by disabling such nonsecure protocols); three vulnerabilities which pose a threat to any OS, no matter how well designed. Nice having an OS which cannot be compromised via buffer overflow exploits (OpenVMS discards data from buffer overflows and raises an exception, always. Overflowing data cannot be executed).
*** Quantum Mechanics: The Dreams of Which Stuff is Made ***
Hello,
:-)
could you please tell me more about this hardware device you're diving a diagram about ? What are the exact components please ?
Thanks,
--
Gilbert
(gilbertf@posse-press.com)
Actually it was sent to the full disclosure mailing list members at least 14 hours before bugtraq members, but that's ok, some people like old news :)
a couple of wires suspended is a good brownian motion generator, like a nice hot cup of tea... :)
surprisingly, this is the third time ive seen this article on slashdot. get a clue. thanks.
I propose a new flag in the standard TCP/IP packet. We shall call this the Slashdot Flag.
There is already a flag in HTTP/1.1 (which operates on top of TCP) that allows Slashdot attacks to be detected. It's called the Referer: header. If the referer is slashdot.org then either refuse the visitor (bugzilla does this) or present a static page with low-resolution graphics.
Will I retire or break 10K?
I'm seeing tons of people complaining how badly this site got slashdotted. I also remember from the last time, when it did too. However, after reading a few articles about "slashdotted" solutions, I clicked the link, and here it is...
I could see what people are trying to mirror. I remember an article bitching about squid servers in ISP's, but I'm happy if I can get my stuff.
I noticed Tru64 is shown to be insecure... can HPCompaq invent a reason to sue the authors?
Thank you, I was going to say the same thing...the whole point of the paper is to demonstrate that hijacking a connection is entirely feasible on certain systems. Why else would you need to predict ISNs?
The fact that they even have to mention that IRIX is insecure just shows how out of touch geekdom as a whole has become. Why even test IRIX for security holes? It's light years beyond swiss cheese.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
How bizzarre -
Linux is one of the most popular server platforms on the net, so the absense of results from that platform stands out like a sore thumb.
I wonder what this guy's point is, or what statement he's trying to make here, by pretending linux doesn't exist, while covering some relatively obscure platforms instead...
Seconded. A couple of years ago as a VMS Admin, I used to say 'I wouldn't use UCX if they gave it away'. When they started giving it away, I didn't use it. CMU isn't totally obsolete, either. It does 'work', and it is free. I set it up a few years ago at our local court house when lightning killed the serial ports on their terminal concentrator. They had a 90TL sitting right there, with all of the PC's ethernetted together. A short chunk of coax dropped down to the 90TL, load CMU, reconfigure Reflection to use TCP/IP rather than serial, and everything was better than ever.
(Note, this is an internal network only, no internet exposure, no dialup, no one there with a clue how to hack TCP/IP, and nothing that interesting on the VAX to make it worth the effort.)
Tester Seemed to forget about Linux. If he feels that Mac OS/9 or Unicos are more important to internet security then... hmmm
I didn't see Linux on there at all. Weird, considering it's a fairly major OS.
-- Note: If you don't agree with me, don't bother replying. I won't read it.
Only those OSes which scored badly the first time around were retested.
.03% probability of a successful attack. Satisfactory but not 0.
.0000001%?)
That said, the last test was for 2.2 - It would be useful to test 2.4 just for comparison. It sounded like 2.2 had a few *MINOR* flaws (Mainly a reduced number of bits of randomness, probably easily changed by changing the type of a variable or two) that despite being flaws, were insignificant. Something like a
Has 2.4 achieved a 0? (Or at least
Or what if the kernel developers accidentally screwed something up and 2.4 is worse than 2.2? (HIGHLY unlikely but still possible...)
retrorocket.o not found, launch anyway?
A TCP implementation that generates initial sequence numbers using a trivial time dependency may be secure against sequence number guessing attacks if it implements RFC 1948.
The idea is to add a bias to the sequence numbers that depends on the source address. A client will be able to predict his own sequence numbers but not the sequence numbers of others. The bias is calculated using a cryptographic hash of the connection ID and a secret value.
A TCP implementation that uses RFC 1948 may still get a very poor rating for initial sequence number predictability from tools like nmap.
Does anyone know any TCP stack that actually implements it?
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
And I just tried [www.bugzilla.org], and it worked fine
I wasn't aware of www.bugzilla.org. I was referring to bugzilla.mozilla.org, which just refused me.
Will I retire or break 10K?
It's a great way of seeing how secure a TCP stack really is.
Yeah, right.
Try the following: plot 500 points with point i having x coordinate Fib(i + 37) % 97 and y coordinate Fib(i + 97) % 97 (where Fib(i) is the i-th Fibonacci number). They look random, but in fact are totally predictable!
Now imagine that someone got this right, and uses a crypto-secure PRNG to generate their TCP ISNs, seeding it with known-good random data. It would be nice to believe that this defeats all known TCP attacks! In fact, of course, their stack may be completely open to all kinds of attacks not involving ISN spoofing.
The graphics are amusing, but not particularly informative except in the negative case. There is no substitute for real security. Testing can only prove a system insecure. ISN attacks are not the biggest worry in most TCP applications.
> Tester Seemed to forget about Linux. If he feels that Mac OS/9 or Unicos are more important to internet security then... hmmm
Poster Seemed to forget about reading the article before posting; quote:
"In this section, we review a number of operating systems that were either identified as not satisfactory in the original publication, or were not covered by our research at the time. Several systems, such as Linux, use the same, satisfactory ISN generator as the one used a year ago, and because of that, are not covered here in any more detail."
Any idea what software was used to make those graphs?
It looks like a neat tool for visualizing sets of numbers.
It reminds me of this awesome applet that shows frequency of numbers used on the net: numbers
Here is a case of "graphing randomness":
http://www.cs.wisc.edu/~kovar/hall.html
Table-ized A.I.
Oops, I got something wrong in the original post...
Windows 2000 WITHOUT Norton's Firewall had an nmap rating of ~ 12000, Windows 2000 WITH the Firewall achieved the better rating of course, approximately 15000.
OpenVMS can not identify data which came Buffer overflows, and therefore, OpenVMS can also be exploited via buffer overflows - this can be prooved by writing just a few lines of C code.
The only difference to many other OSs is, that applications do not have more privileges than are required to run the application, while on Linux for example many applications (like Sendmail or FTP-Servers) have Superuser-privileges, and therefore can override Discretionary Access Control.
I am almost absolutely sure, that it is possible to also run arbitrary code by exploiting buffer overflows on OpenVMS. But even if you could not, you can still modify data and pointert - that's enough to compromise security of a privileged program.
There are also Unix operating systems which have a privilege model, and some of them have got a much more fine grained privilege model than OpenVMS *PLUS* Trusted Computing Base Controls, File Security Flags and many other things.
So OpenVMS is by far not the most secure OS - personally, I think even OS/400 is more secure, because of its object-based design and its type-enforcment policies.
I would love to see such code, as this does not jive with what I've observed in my own socket coding. When a buffer overflow occurs on a VMS socket_read() call (at least under Multinet), the overflowing data doesn't seem to even get written to memory, let alone passed to DCL (unlike the situation in Unix and Windows where overflowing data gets passed to the shell).
*** Quantum Mechanics: The Dreams of Which Stuff is Made ***
"The lesson to be learned is not to take the comments on slashdot too literally." --Vinnie Falco, BearShare