Date: Sun, 14 Jul 1996 21:43:53 -0400
From: "Theodore Y. Ts'o" <tytso@mit.edu>
To: Craig Brozefsky <cosmo@ebs.net>
Cc: linux-net@vger.rutgers.edu
In-Reply-To: Craig Brozefsky's message of Fri, 12 Jul 1996 19:27:57 -0500 (CDT), <Pine.LNX.3.91.960712191322.30887A-100000@gilligan.ebs.net>

   Date: Fri, 12 Jul 1996 19:27:57 -0500 (CDT)
   From: Craig Brozefsky <cosmo@ebs.net>

   Out of curiosity how does the linux kernel generate its initial
   sequence number for a socket connection? Is it like most Berkeley
   derived ones with increment at 128 microseconds + 64 per connection,
   or does it follow the specifications of RFC 793?

It uses the technique suggested by Steve Bellovin to generate sequence
numbers in a secure fashion. That is, take the RFC 793 clock, and add
to it a value generated by taking the cryptographic hash of the TCP end
point information, plus a random secret. This provides the RFC 793
guarantees, plus it makes it impossible for an attacker to take the
sequence number from one TCP connection to guess what the initial
sequence number will be for another TCP connection.

                                                - Ted
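The scheme described in the reply above, ISN = M + F(end points, secret), as an added example that is not part of the original message and is not the Linux kernel's code. The message does not name the hash, so HMAC-SHA-256, the 16-byte secret, the function names and the sample addresses are all assumptions of this example.

```python
import hashlib
import hmac
import ipaddress
import os
import struct

MASK32 = 0xFFFFFFFF
BOOT_SECRET = os.urandom(16)  # assumption: 16 random bytes drawn once at boot


def rfc793_clock(now_us):
    """M: the RFC 793 32-bit clock, ticking once every 4 microseconds."""
    return (now_us // 4) & MASK32


def endpoint_offset(laddr, lport, raddr, rport, secret):
    """F: keyed hash of the connection 4-tuple, truncated to 32 bits."""
    tuple_bytes = (ipaddress.ip_address(laddr).packed + struct.pack("!H", lport)
                   + ipaddress.ip_address(raddr).packed + struct.pack("!H", rport))
    digest = hmac.new(secret, tuple_bytes, hashlib.sha256).digest()
    return struct.unpack("!I", digest[:4])[0]


def initial_sequence_number(laddr, lport, raddr, rport, now_us, secret=BOOT_SECRET):
    """ISN = M + F(4-tuple, secret), modulo 2**32."""
    offset = endpoint_offset(laddr, lport, raddr, rport, secret)
    return (rfc793_clock(now_us) + offset) & MASK32


if __name__ == "__main__":
    t0 = 1_000_000  # constructed timestamp, in microseconds
    server = ("192.0.2.10", 80)         # constructed documentation addresses
    observer = ("198.51.100.7", 40000)  # a client that can see its own ISN
    other = ("203.0.113.5", 40000)      # a different client of the same server

    seen = initial_sequence_number(*server, *observer, t0)
    again = initial_sequence_number(*server, *observer, t0 + 4000)
    # Same 4-tuple: the ISN moves forward with the clock, as RFC 793 requires.
    print("advance for same 4-tuple:", (again - seen) & MASK32)
    # Different 4-tuple: with the clock removed, each connection is left with
    # its own offset, and one offset does not reveal the other without the secret.
    hidden = initial_sequence_number(*server, *other, t0)
    print("observer offset:", (seen - rfc793_clock(t0)) & MASK32)
    print("other offset:   ", (hidden - rfc793_clock(t0)) & MASK32)
```
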