Re: non-random IP IDs

From: Kris Kennaway (kris@obsecurity.org)
Date: 04/16/01


Date: Mon, 16 Apr 2001 13:08:14 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Darren Reed <avalon@coombs.anu.edu.au>


On Tue, Apr 17, 2001 at 06:02:42AM +1000, Darren Reed wrote:

> > > You should optimize it for mod being 2^n-1 (or make that a requirement).
> >
> > I'm afraid I don't have time to look at this right now. Perhaps it
> > can be revisited (the sysctl defaults to off for now), or Niels Provos
> > may be interested in the idea.
>
> Basically it means '% mod' -> '& mod' and call it with a 2^n-1 number.

Oh, okay.

> > Well, it still has wrapping properties like a network-order counter,
> > i.e. the algorithm attempts to order the output so that it doesn't
> > wrap within the segment lifetime. That would be lost without using
> > HTONS.
>
> You're confusing properties of the local number and some opaque bits in
> a packet being sent over the 'net.

Quite likely.

Kris



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



