[3721] in linux-net channel archive
Re: sequence numbers
daemon@ATHENA.MIT.EDU (Alan Cox)
Tue Jul 16 10:46:23 1996
From: alan@lxorguk.ukuu.org.uk (Alan Cox)
To: cosmo@ebs.net (Craig Brozefsky)
Date: Sun, 14 Jul 1996 18:32:41 +0100 (BST)
Cc: linux-net@vger.rutgers.edu
In-Reply-To: <Pine.LNX.3.91.960712191322.30887A-100000@gilligan.ebs.net> from "Craig Brozefsky" at Jul 12, 96 07:27:57 pm
> Out of curiosity how does the linux kernel generate it's initial sequence
> number for a socket connection? Is it like most Berkeley derived ones
> with incriment at 128 microseconds + 64 per connection, or does it follow
> the specifications of RFC 793?
Pre Linux 2.0.4 it follows RFC793 but speeded up a bit for good 10Mbit/second
behavour. We now use MD5 hashes so that the sequence space is dependant on
source/dest IP addresses too as recommended by various security folks.
> purposes? I know they took care of the fragmentation problem, but are
> their other known types of attacks?
I believe it is secure against all but denial of service attacks. Those are
implicit in the design of TCP. If you find anything worrying when you inspect
the code let me know. I'd rather have a few spurious queries than a real bug
left.
Alan
