Re: predictable IP ID

Savochkin Andrey Vladimirovich (saw@msu.ru)
Thu, 7 Oct 1999 20:22:30 +0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andreas Jellinghaus: "[2.2.12:pciide] cdroms the last 2048 bytes missing"
Previous message: Brendan Cully: "Re: devfs again, (was RE: USB device allocation)"

Alan was right and I was wrong.
The referenced problem was 2.0 specific and has been solved in the current
kernels on TCP level.
Alan, I'm sorry for being so stupidly insistent on this issue.

I still believe that IP IDs should be unpredictable.
But I don't have more strong arguments than defragmentation attacks and port
scanning with faked source at this moment.

Best regards
Andrey

On Thu, Oct 07, 1999 at 02:05:08PM +0200, Andrea Arcangeli wrote:
> On Mon, 4 Oct 1999, Alan Cox wrote:
>
> >> 2. How should we fix the referenced problem with TCP spoofing (if we decide
> >> not to create any storage)?
> >
> >By making the above/below responses the same
>
> Maybe I am overlooking something. See net/ipv4/tcp_input.c of 2.2.13pre14
> line 2339:
[snip]

Best regards
Andrey

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andreas Jellinghaus: "[2.2.12:pciide] cdroms the last 2048 bytes missing"
Previous message: Brendan Cully: "Re: devfs again, (was RE: USB device allocation)"