[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Scanning OpenBSD with NMAP - mysterious Results ???

Joseph W. Shaw II wrote:
> TCP sequence number predictability most certainly is a measure of an
> operating system's security.  The harder they are to predict, the
> better off you are from spoofing attacks.  Just ask Shimomura.  However,

We're talking about the randomness of the initial sequence number of a TCP
session. It has nothing to do with all other protocols and even less with the
security of the os. It just shows up the possibility of blind-spoofing. One
does not care much if cryptography is being used for the connection.

Maybe that's true, but true randomness also makes your tcp/ip stack less
reliable. OpenBSD developers have chosen a good value to make security *AND*
reliability happy.

(More randomness makes it harder for the kernel to "collect" the packets from
the net, sorry, this is definitely not tech-speak). Fyodor has already been
informed about his misunderstanding of TCP.

1024D/DC805C44 2000-07-06 http://cran.ath.cx/~seb/publicpgpkey.asc 
key fingerprint A079 88E9 3617 838D ED65  A7D1 277D D529 DC80 5C44