Re: tcp vulnerability? haven't seen anything on it here...

From: James Morris
Date: Wed Apr 21 2004 - 19:54:30 EST

On Wed, 21 Apr 2004, David S. Miller wrote:

> On Wed, 21 Apr 2004 19:03:40 +0200
> Jörn Engel <joern@xxxxxxxxxxxxxxxxxxxx> wrote:
> > made it appear, as if the only news was that with tcp
> > windows, the propability of guessing the right sequence number is not
> > 1:2^32 but something smaller. They said that 64k packets would be
> > enough, so guess what the window will be.
> Yes, that is their major discovery. You need to guess the ports
> and source/destination addresses as well, which is why I don't
> consider this such a serious issue personally.
> It is mitigated if timestamps are enabled, because that becomes
> another number you have to guess.
> It is mitigated also by randomized ephemeral port selection, which
> OpenBSD implements and we could easily implement as well.

What about the techniques mentioned in ?

Curiously there is no mention of port guessing or timestamps there.

- James
James Morris

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at