Just out of curiosity--
What exactly is this output of nmap a function of (please, no
tautologous responses), and how is it important? What determines the
TCP sequence numbers? How real a vulnerability is created by their
predictability?
TCP Sequence Prediction: Class=random positive increments
Difficulty=5272173 (Good luck!)
I notice that results can vary from Class=trivially time dependent/
Difficulty=1 (trivial joke) to Class=truly random/ Difficulty=9999999.
Is it possible or in any way desirable to tweak the system to change
the TCP sequence numbers (I think I am OK already, I'm just asking)?
Or is this type of vulnerability too esoteric to in any way concern
the home user?
Secondly, are the time and daytime daemons needed for anything,
really, if we're talking about a home user? I have them disabled. No
difference, as far as I can see, in mail headers (which either way are
not synchronized with the SMTP relay host) or anywhere else. (On an
unrelated point of interest -- if they are enabled, nmap cannot
identify the OS.)
Best,
Corvin
--
Corvin Russell
On Tue, 19 Sep 2000, Corvin Russell wrote:
Just out of curiosity--
What exactly is this output of nmap a function of (please, no tautologous responses), and how is it important? What determines the TCP sequence numbers? How real a vulnerability is created by their predictability?
TCP Sequence Prediction: Class=random positive increments Difficulty=5272173 (Good luck!)
Check out the following URL's for more info: http://packetstorm.securify.com/docs/infosec/sequence_attacks.txt http://www.nai.com/nai_labs/asp_set/advisory/07_tcpspoofing_adv.asp http://www.xenos.net/pub/security/tools/all http://www.s0d.org/books/www.bitpunk.com/ipext.pdf That should give you the information you need. Gr Stefan
Thanks. Corvin On Thu, Sep 21, 2000 at 12:04:13AM +0200, Stefan Suurmeijer wrote:
Check out the following URL's for more info:
http://packetstorm.securify.com/docs/infosec/sequence_attacks.txt
http://www.nai.com/nai_labs/asp_set/advisory/07_tcpspoofing_adv.asp
http://www.xenos.net/pub/security/tools/all
http://www.s0d.org/books/www.bitpunk.com/ipext.pdf
That should give you the information you need.
Gr
Stefan
--
Corvin Russell
participants (2)
-
Corvin Russell
-
Stefan Suurmeijer