[4319] in bugtraq
Re: SNI-12: BIND Vulnerabilities and Solutions
daemon@ATHENA.MIT.EDU (Theo de Raadt)
Wed Apr 23 04:32:13 1997
Date: Wed, 23 Apr 1997 00:09:51 -0600
Reply-To: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
From: Theo de Raadt <deraadt@CVS.OPENBSD.ORG>
X-To: David Wagner <daw@CS.BERKELEY.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 22 Apr 1997 18:11:23 PDT."
<5jjnjr$b5r@joseph.cs.berkeley.edu>
> It attempts to make the query ID unpredictable, but fails -- the "random"
> numbers it generates are still predictable (after a trivial 2^16 offline
> trials).
Did you include all the details included in res_random.c such as the
code which causes the entire system is reset with whole new seeds
after a fixed period of time (300 seconds is it)? You can predict a
sequence and feed it the next few numbers before the generator reseeds
itself?
Hmm. I'll let Niels comment further ;-)
> And the seeding is terrible -- two years ago Netscape used
> timeofday and pid to seed their PRNG, too, and look what happened to them.
Hey, I make no apologies for operating systems that ship without a
source of strong(ish) random numbers in their libc!
If res_random.c is compiled on a machine that #defines __OpenBSD__ the
source patch does not supply a fake arc4random() routine; instead the
OpenBSD version of the routine is used which uses an RC4 generator
seeded from a source of stronger random data supplied by the kernel.
(OpenBSD also uses this random in a number of other ... interesting
places ;-)
I supplied the arc4random() routine and well, it sucks; I was writing
it as quick as I could. I think it's clear that anyone who wanted to
use the code should replace that part with something a bit better.
I'd invite anyone else who comes up with something better to make it
available. Remember it goes into libc of every program that calls
gethostby*....
I don't think there is a "solution" to the problem. We're talking
bandaids. I've never felt the raw power of a T3, but I suppose they'd
be able to bombard fast enough to still get in via brute force. I
hope what we worked on makes it hard, perhaps someone else can make it
better.
