From owner-freebsd-security Thu Apr 12 8:53:17 2001 Delivered-To: freebsd-security@freebsd.org Received: from silby.com (adam042-060.resnet.wisc.edu [146.151.42.60]) by hub.freebsd.org (Postfix) with ESMTP id 1048537B422 for ; Thu, 12 Apr 2001 08:53:14 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 3358 invoked by uid 1000); 12 Apr 2001 15:53:11 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 12 Apr 2001 15:53:11 -0000 Date: Thu, 12 Apr 2001 10:53:11 -0500 (CDT) From: Mike Silbersack To: Rob Simmons Cc: Mark T Roberts , Subject: Re: non-random IP IDs In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 12 Apr 2001, Rob Simmons wrote: > On Thu, 12 Apr 2001, Mike Silbersack wrote: > > > Each IP packet sent has with it a 16-bit ID. The numbers must remain > > unique over a short period of time so fragmentation can work properly. As > > such, everything except recent openbsds simple increments the id by 1 for > > each packet sent out. > > What is the behavior of OpenBSD for this? If its not important, why would > they change it? They generate pseudo-random, nonrepeating ids. For the actual algorithm, see: http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.2&content-type=text/x-cvsweb-markup&cvsroot=openbsd Although it's nice in theory, the amount of work required to generate the ids seems too great to justify for each packet sent. (Note that I said "seems", I'm not sure if anyone has done actual benchmarks to determine the actual impact.) Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message