Subject: Re: Enabling TCP RFC 1948
To: Rui Paulo <rpaulo@fnop.net>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-net
Date: 10/15/2006 13:53:17
On Sun, 15 Oct 2006 17:55:17 +0100, Rui Paulo <rpaulo@fnop.net> wrote:

> revision 1.108
> date: 2001/03/20 20:07:51;  author: thorpej;  state: Exp;  lines: +126 -31
> Two changes, designed to make us even more resilient against TCP
> ISS attacks (which we already fend off quite well).
> 
> 1. First-cut implementation of RFC1948, Steve Bellovin's cryptographic
>    hash method of generating TCP ISS values.  Note, this code is experimental
>    and disabled by default (experimental enough that I don't export the
>    variable via sysctl yet, either).  There are a couple of issues I'd
>    like to discuss with Steve, so this code should only be used by people
>    who really know what they're doing.
> 
> 
> I spoke with Steve Bellovin last week about this, but I'll let him
> explain what happened in his own words.
> 
I'm not sure what the issue is.  I suspect it's
http://www.cert.org/advisories/CA-2001-09.html and the paper it's based on,
http://www.thenewsh.com/~newsham/random-increments.pdf -- that identifies
some possible remaining issues with 1948 code.  The problem is that
"better" fixes have the potential of breaking TCP correctness.

Anyway -- the proposal on the table isn't to make 1948 mode the default;
it's to make a sysctl available to let people who want it turn it on.
Even if you agree with the issues in that paper, the paper itself notes
that 1948 mode is much better than doing nothing.


		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
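For readers following the thread, here is a user-space model of the RFC 1948 scheme the commit log and the reply refer to (ISN = M + F(localhost, localport, remotehost, remoteport, secret), with M the RFC 793 4-microsecond clock and F a keyed hash). This is an added example, not the NetBSD kernel code, thorpej's commit, or Bellovin's own implementation; the function names, the constructed secret and the 4-tuples are this example's assumptions. It shows why the reply calls 1948 mode better than doing nothing (two connections opened at the same tick no longer share an ISN) and the correctness property it preserves (within one 4-tuple the ISN still advances exactly with the clock, which is what "better" fixes risk breaking).

```python
import hashlib
import ipaddress
import struct

# Added example for this list archive page: a user-space model of RFC 1948
# ISN generation. Not the NetBSD kernel code discussed above and not Steve
# Bellovin's own implementation; names are this example's. The 4 microsecond
# tick and the 32-bit wrap are the RFC 793 ISN clock parameters.
ISN_CLOCK_PERIOD_US = 4
SEQ_MASK = 0xFFFFFFFF


def connection_offset(local_ip, local_port, remote_ip, remote_port, secret):
    """F(localhost, localport, remotehost, remoteport, secret) from RFC 1948:
    a hash over the connection 4-tuple and a per-host secret, truncated to
    32 bits. The secret is what an off-path observer lacks. RFC 1948
    suggests MD5 for F; the security property comes from the secret, not
    from collision resistance of the hash."""
    data = (ipaddress.ip_address(local_ip).packed
            + struct.pack("!H", local_port)
            + ipaddress.ip_address(remote_ip).packed
            + struct.pack("!H", remote_port)
            + secret)
    return struct.unpack("!I", hashlib.md5(data).digest()[:4])[0]


def rfc793_isn(now_us):
    """Pre-RFC 1948 behaviour: the ISN is the 250 kHz clock alone, so every
    connection opened at the same instant gets the same value."""
    return (now_us // ISN_CLOCK_PERIOD_US) & SEQ_MASK


def rfc1948_isn(local_ip, local_port, remote_ip, remote_port, secret, now_us):
    """ISN = M + F(...): the RFC 793 clock plus a per-connection offset.
    Within one 4-tuple the ISN still advances with the clock, so old
    duplicate segments from a previous incarnation are still rejected."""
    m = rfc793_isn(now_us)
    return (m + connection_offset(local_ip, local_port,
                                  remote_ip, remote_port, secret)) & SEQ_MASK


def seq_delta(earlier, later):
    """Signed 32-bit sequence-number difference later - earlier."""
    d = (later - earlier) & SEQ_MASK
    return d - (1 << 32) if d >= (1 << 31) else d


def compare_schemes(secret=b"constructed-per-host-secret", t_us=1_000_000):
    """Constructed scenario: two clients on one host connect to the same
    server at the same clock tick, and the first reconnects 4000 us later.
    Returns what an observer of both connections could learn under each
    scheme. Addresses are the RFC 5737 documentation ranges."""
    a = ("192.0.2.10", 40000, "198.51.100.5", 80)
    b = ("192.0.2.10", 40001, "198.51.100.5", 80)
    gap_offsets = seq_delta(connection_offset(*a, secret),
                            connection_offset(*b, secret))
    return {
        # RFC 793: the clock is the whole ISN, identical for a and b.
        "rfc793_a": rfc793_isn(t_us),
        "rfc793_b": rfc793_isn(t_us),
        # RFC 1948: the gap between a and b is the gap between their
        # secret-keyed offsets, not something the clock reveals.
        "rfc1948_gap": seq_delta(rfc1948_isn(*a, secret, t_us),
                                 rfc1948_isn(*b, secret, t_us)),
        "offset_gap": gap_offsets,
        # RFC 1948, same 4-tuple 4000 us later: advances by exactly 1000 ticks.
        "rfc1948_advance": seq_delta(rfc1948_isn(*a, secret, t_us),
                                     rfc1948_isn(*a, secret, t_us + 4000)),
    }


if __name__ == "__main__":
    for key, value in compare_schemes().items():
        print(f"{key}: {value}")
```

The model deliberately keeps the clock term: dropping it (or replacing it with random increments, which the paper the reply cites examines) is exactly the kind of change that trades TCP's old-duplicate protection for unpredictability, which is the trade-off the reply describes.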