[5365] in bugtraq


Re: HP-UX tcp_random_seq

daemon@ATHENA.MIT.EDU (Casper Dik)
Tue Oct 7 11:22:14 1997

Date: 	Tue, 7 Oct 1997 12:12:24 +0200
Reply-To: Casper Dik <casper@HOLLAND.SUN.COM>
From: Casper Dik <casper@HOLLAND.SUN.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  Your message of "Mon, 06 Oct 1997 10:22:09 CDT." 
              <Pine.SUN.3.94.971006100841.14830C-100000@dfw.dfw.net>

>I don't believe this has been given enough distribution. Under HP-UX you can
>configure it to use random TCP sequence numbers by setting the
>tcp_random_seq variable. The values are:
>
>   0 - old behavior (default)
>   1 - rand(3) behavior
>   2 - rand48(3) behavior
>
>The seed value for the rand*() functions is based on the time when
>tcp_init() (or nettune) is called, so don't make your uptime public
>(i.e. rstatd).
>

Solaris 2.x has a similar option.

ndd -set /dev/tcp tcp_strong_iss <value>

It accepts three values (2 in 2.5*):

        0 - old behaviour
        1 - using random(3) [default]
        2 - new in 2.6, RFC 1948 support
            The password for this is set from root's /etc/shadow entry
            using ndd -set /dev/tcp tcp_1948_phrase <shadow field>

The method to set this in 2.6 is to edit /etc/default/inetinit and add
TCP_STRONG_ISS=2

If you have lots of clients with the same encrypted root password, you'd
want to find another way of setting the tcp_1948_phrase.

Casper
