Date: Mon, 16 Apr 2001 08:36:57 -0600 From: Wes Peters <wes@softweyr.com> To: Kris Kennaway <kris@obsecurity.org> Cc: freebsd-security@FreeBSD.ORG, net@FreeBSD.org Subject: Re: non-random IP IDs Message-ID: <3ADB0389.5D236D88@softweyr.com> References: <001f01c0c30b$805b0840$d2e2fdce@netrex.com> <Pine.BSF.4.31.0104120035120.2153-100000@achilles.silby.com> <20010416020311.A1292@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote: > > On Thu, Apr 12, 2001 at 12:40:32AM -0500, Mike Silbersack wrote: > > > Each IP packet sent has with it a 16-bit ID. The numbers must remain > > unique over a short period of time so fragmentation can work properly. As > > such, everything except recent openbsds simple increments the id by 1 for > > each packet sent out. > > > > As a result, you can tell the number of packets sent on an idle host by > > seeing the difference in id numbers for the packets it sends back to you. > > It's not really that important of an issue, don't worry about it. > > Here's a patch ported from OpenBSD which randomizes this (supposedly > such that it respects the constraint of not wrapping within the > prescribed time period). I should wrap it in a sysctl, I guess. > > http://www.freebsd.org/~kris/ipid.patch > > Comments? Looks clean. The only comment I can find is: Why not have ip_randomid() return the ID in network byte order? It would save several HTONS macros trailing the ip_randomid() calls. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ADB0389.5D236D88>