Graphing Randomness in TCP Initial Sequence Numbers

Saint Aardvark writes "This is neat: Graphic visualization of how random TCP Initial Sequence Numbers really are for different OSs. It's a great way of seeing how secure a TCP stack really is. Cisco IOS is great; OS9, OpenVMS and IRIX aren't. Posted to the ever-lovin' BugTraq mailing list." This is a follow-up to the previous report.

amazing

[Phosphor3k]

He must be running a server with no tcp stack. heh.

New TCP/IP flags

[Tinfoil]

I propose a new flag in the standard TCP/IP packet. We shall call this the Slashdot Flag. The general purpose of this flag is to state whether or not the bandwidth limits of the server can handle the requirements a Slashdot posting can impose. If the flag is set false, Slashcode will automatically generate numerous, random, 'this page has been slashdotted' posts requesting a link to a mirror.

That being said, the page *is* finally loading up so I'm going to go look at some pictures now.

Already Slashdotted

[Quixote]

The story's barely out on /. and its already slashdotted.

/. story submission page should have a checkbox: "Please mirror the contents of this page (including graphics, which Google doesn't cache) before posting the story".

Original report

[Caine]

Original report here:

http://razor.bindview.com/publish/papers/tcpseq.ht ml

Re:Um, Why no Linux in the report

[Clover_Kicker]

>Why isn't Linux tested in the report? Its
>certainly more common than many of the other
>selections.
>
>Should we assume Linux matches *BSD or some other
>flavor? or do I need to read more carefully :-)

You need to read more carefully.

In this section, we review a number of operating systems that were either identified as not satisfactory in the original publication, or were not covered by our research at the time. Several systems, such as Linux, use the same, satisfactory ISN generator as the one used a year ago, and because of that, are not covered here in any more detail.

Understanding Randomness

[Nosher]

Lets face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself, and the humans that program these computers are almost utterly incapable of perceiving true randomness anyway. I'm waiting for the day when the national lottery comes up 1,2,3,4,5 with a bonus ball of 6. Society will crumble, public enquiries will be called for and conspiracy theorists will have something to bang on about for years. I think that barring the sudden development of Quantum x86 chips (at which point randomness becomes "real" and encryption becomes pretty much unbreakable), the only real solution for decent randomness must surely be TCP/IP seeding based on Lava Lamps

Re:Understanding Randomness

[thomasj]

Lets face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself [...]

The funny thing is, that is really easy to construct a randomness hardware device. A zener diode can generate a lot of white noise just below its saturation point, so a circuit like this will do the trick:

12V
|
R1
|
+-Z-/
|
R2
|
+-C1-/
|
C2
|
+-R3-/
|
SchmidtTrigger-/
|
Out

For some reasonal values of the resistors and capacitors this would give a constant flow of ones and zeros that comes right out of the blue air (funny enough literally speaking) with more entropy than we will ever need.

Cost: less than one dollar.