[7868] in bugtraq
Re: Borderware predictable initial TCP
daemon@ATHENA.MIT.EDU (Aggelos P. Varvitsiotis)
Thu Sep 3 14:13:41 1998
Date: Thu, 3 Sep 1998 12:14:56 +0300
Reply-To: "Aggelos P. Varvitsiotis" <avarvit@CC.ECE.NTUA.GR>
From: "Aggelos P. Varvitsiotis" <avarvit@CC.ECE.NTUA.GR>
X-To: racer-x@ALTAVISTA.NET
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199809021716.NAA01102@web03.iname.net> from
"racer-x@ALTAVISTA.NET" at Sep 2, 98 01:16:21 pm
> AFAIK, this problem is not a Firewall-1 problem but a HP-UX problem.
>
> Please respond to Gigi Sullivan <sullivan@SECLAB.COM>
> To: BUGTRAQ@NETSPACE.ORG
> Subject: Re: Borderware predictable initial TCP sequence numbers
>
> Hello there,
>
> This can be applied also to Firewall-1 (CheckPoint) running on an
> HP-UX 10.X series.
>
>
> bye bye
>
>
> *************************************************
> Racer X
>
> (Unknown to Speed, Racer X is actually his older
> brother Rex, who ran away from home years ago)
> racer-x@altavista.net
> *************************************************
> --------------------------------------------------------------------------------
> -------------------------------\r\nGet your free email from altavista.iname.com
>
Fix for HP-UX 9.X (this has been around for quite some time):
echo "tcp_random_seq/W 2" | /usr/bin/adb -w /hp-ux /dev/kmem
There is a similar fix for 10.X floating around, for whom may
be interested to look for it.
a.varvitsiotis@iccs.ntua.gr A.Varvitsiotis
ICCS Computer Center
National Technical University of Athens
