Graphing Randomness in TCP Initial Sequence Numbers

← Back to Stories (view on slashdot.org)

Graphing Randomness in TCP Initial Sequence Numbers

Posted by michael on Wednesday September 11, 2002 @12:07AM from the winning-lottery-numbers-in-there-somewhere dept.

Saint Aardvark writes "This is neat: Graphic visualization of how random TCP Initial Sequence Numbers really are for different OSs. It's a great way of seeing how secure a TCP stack really is. Cisco IOS is great; OS9, OpenVMS and IRIX aren't. Posted to the ever-lovin' BugTraq mailing list." This is a follow-up to the previous report.

11 of 145 comments (clear)

amazing by Phosphor3k · 2002-09-11 00:11 · Score: 5, Funny

He must be running a server with no tcp stack. heh.
New TCP/IP flags by Tinfoil · 2002-09-11 00:18 · Score: 5, Funny

I propose a new flag in the standard TCP/IP packet. We shall call this the Slashdot Flag. The general purpose of this flag is to state whether or not the bandwidth limits of the server can handle the requirements a Slashdot posting can impose. If the flag is set false, Slashcode will automatically generate numerous, random, 'this page has been slashdotted' posts requesting a link to a mirror.

That being said, the page *is* finally loading up so I'm going to go look at some pictures now.

--

tinfoilmedia
Already Slashdotted by Quixote · 2002-09-11 00:20 · Score: 5, Insightful

The story's barely out on /. and its already slashdotted.
/. story submission page should have a checkbox: "Please mirror the contents of this page (including graphics, which Google doesn't cache) before posting the story".
Original report by Caine · 2002-09-11 00:22 · Score: 5, Informative

Original report here:

http://razor.bindview.com/publish/papers/tcpseq.ht ml
Comment removed by account_deleted · 2002-09-11 00:32 · Score: 4, Informative

Comment removed based on user account deletion
Re:Um, Why no Linux in the report by Clover_Kicker · 2002-09-11 00:33 · Score: 5, Informative

>Why isn't Linux tested in the report? Its
>certainly more common than many of the other
>selections.
>
>Should we assume Linux matches *BSD or some other
>flavor? or do I need to read more carefully :-)

You need to read more carefully.

In this section, we review a number of operating systems that were either identified as not satisfactory in the original publication, or were not covered by our research at the time. Several systems, such as Linux, use the same, satisfactory ISN generator as the one used a year ago, and because of that, are not covered here in any more detail.
3rd parties don't have the authority by DrSkwid · 2002-09-11 00:34 · Score: 4, Insightful

"Please could you violate the site's copyright before posting the story"

although "please use server xxx.xxx as the proxy" for submissions could be a solution

could even set up Apache to do that on a url therefore subtly circumventing the copyright problem, banners could be passed through.

--
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Understanding Randomness by Nosher · 2002-09-11 00:36 · Score: 5, Insightful

Lets face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself, and the humans that program these computers are almost utterly incapable of perceiving true randomness anyway. I'm waiting for the day when the national lottery comes up 1,2,3,4,5 with a bonus ball of 6. Society will crumble, public enquiries will be called for and conspiracy theorists will have something to bang on about for years. I think that barring the sudden development of Quantum x86 chips (at which point randomness becomes "real" and encryption becomes pretty much unbreakable), the only real solution for decent randomness must surely be TCP/IP seeding based on Lava Lamps

--
It's too late for me to die young
1. Re:Understanding Randomness by thomasj · 2002-09-11 01:40 · Score: 5, Interesting
  
  Lets face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself [...]
  The funny thing is, that is really easy to construct a randomness hardware device. A zener diode can generate a lot of white noise just below its saturation point, so a circuit like this will do the trick:
  12V | R1 | +-Z-/ | R2 | +-C1-/ | C2 | +-R3-/ | SchmidtTrigger-/ | Out
  For some reasonal values of the resistors and capacitors this would give a constant flow of ones and zeros that comes right out of the blue air (funny enough literally speaking) with more entropy than we will ever need.
  Cost: less than one dollar.
  
  --
  :-) = I am happy
  :^) = I am happy with my big nose
  C:\> = I am happy with my OS
Any hw based ISN generators? by ch-chuck · 2002-09-11 01:21 · Score: 4, Interesting

't be cool to have a board with a bit of radioactive alpha source and a counter to make genuine random numbers. Like this, or, ha, here's one (3rd from the top) that proposes using disk drive air turbulance to generate random numbers!

--
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Re:Linux?? by raynet · 2002-09-11 02:04 · Score: 4, Informative

If you read the article is says:

3. New evidence In this section, we review a number of operating systems that were either identified as not satisfactory in the original publication, or were not covered by our research at the time. Several systems, such as Linux, use the same, satisfactory ISN generator as the one used a year ago, and because of that, are not covered here in any more detail.

--
- Raynet --> .