Vulnerability Development mailing list archives
Re: TCP/IP ISN Prediction Susceptibility
From: "Solar, Eclipse" <solareclipse () PHREEDOM ORG>
Date: Tue, 13 Mar 2001 14:35:43 -0600
On Tue, Mar 13, 2001 at 09:55:01AM -0800, Crist Clark wrote:
It seems that Guardent claims that the pseudo-random ISN generation algorithm implemented in most TCP/IP stacks is flawed. Does anybody have more information about this?Maybe this has something to do with it or vice-versa, http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml
I still don't see the news here. Nmap sequence prediction has been around for ages. It seems odd that Cisco (Guardent?) has just recently discovered this. This is what nmap reports for a bunch of cisco switches, with different versions of IOS. Cisco 6500: TCP Sequence Prediction: Class=random positive increments Difficulty=1124 (Medium) Cisco 5000: TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Cisco 3000: TCP Sequence Prediction: Class=trivial time dependency Difficulty=3 (Trivial joke) Cisco 7200: TCP Sequence Prediction: Class=random positive increments Difficulty=789 (Medium) Cisco 4000: TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Solar Eclipse solareclipse () phreedom org
Current thread:
- TCP/IP ISN Prediction Susceptibility Solar, Eclipse (Mar 12)
- Re: TCP/IP ISN Prediction Susceptibility Crist Clark (Mar 13)
- Re: TCP/IP ISN Prediction Susceptibility Solar, Eclipse (Mar 13)
- Re: TCP/IP ISN Prediction Susceptibility Holger van Koll (Mar 13)
- Re: TCP/IP ISN Prediction Susceptibility Elias Levy (Mar 14)
- Re: TCP/IP ISN Prediction Susceptibility Olaf Kirch (Mar 14)
- Re: TCP/IP ISN Prediction Susceptibility Lincoln Yeoh (Mar 14)
- Re: TCP/IP ISN Prediction Susceptibility Elias Levy (Mar 14)
- Re: TCP/IP ISN Prediction Susceptibility Crist Clark (Mar 13)
- Re: TCP/IP ISN Prediction Susceptibility Mike Sues (Mar 13)
- Re: TCP/IP ISN Prediction Susceptibility Dom De Vitto (Mar 13)
- Re: TCP/IP ISN Prediction Susceptibility Vitaly Osipov (Mar 13)
- Re: TCP/IP ISN Prediction Susceptibility Lincoln Yeoh (Mar 14)
- Re: TCP/IP ISN Prediction Susceptibility Mike Fedyk (Mar 14)
- <Possible follow-ups>
- Re: TCP/IP ISN Prediction Susceptibility Eric D. Williams (Mar 13)