Re: TCP Sequence-Prediction (4.5-PRE)

From: Mike Silbersack (silby@silby.com)
Date: 01/03/02


Date: Thu, 3 Jan 2002 16:07:43 -0500 (EST)
From: Mike Silbersack <silby@silby.com>
To: Matthias Schuendehuette <msch@snafu.de>


On Thu, 3 Jan 2002, Matthias Schuendehuette wrote:

> Hello,
>
> my machine at work was scanned with the ISS Scanner, Vers. 6.2.1 and it
> complained about TCP Sequence Prediction:
>
> 'The TCP sequence was found to be predictable.'

Run tcpdump while a scan is happening so that you can see what is going on
with the sequence numbers. 4.5's TCP initial sequence numbers should not
be predictable.

Mike "Silby" Silbersack

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages

  • TCP Sequence-Prediction (4.5-PRE)
    ... my machine at work was scanned with the ISS Scanner, ... complained about TCP Sequence Prediction: ... 'The TCP sequence was found to be predictable.' ... I was advised to install FreeBSD 4.1.1-STABLE after 2000-09-28 or later ...
    (FreeBSD-Security)
  • Re: TCP Sequence-Prediction (4.5-PRE)
    ... On Thu, 2002-01-03 at 15:59, Matthias Schuendehuette wrote: ... > my machine at work was scanned with the ISS Scanner, ... > complained about TCP Sequence Prediction: ... with "unsubscribe freebsd-security" in the body of the message ...
    (freebsd-stable)
  • Re: TCP Sequence-Prediction (4.5-PRE)
    ... On Thu, 2002-01-03 at 15:59, Matthias Schuendehuette wrote: ... > my machine at work was scanned with the ISS Scanner, ... > complained about TCP Sequence Prediction: ... > advice from the FreeBSD Security Officer or the developers how to ...
    (FreeBSD-Security)
  • TCP Sequence-Prediction (4.5-PRE)
    ... my machine at work was scanned with the ISS Scanner, ... 'The TCP sequence was found to be predictable.' ... I was advised to install FreeBSD 4.1.1-STABLE after 2000-09-28 or later ... To Unsubscribe: send mail to majordomo@FreeBSD.org ...
    (freebsd-stable)
  • Re: TCP Sequence-Prediction (4.5-PRE)
    ... >my machine at work was scanned with the ISS Scanner, ... >complained about TCP Sequence Prediction: ... Is the ISS lying? ... >advice from the FreeBSD Security Officer or the developers how to ...
    (FreeBSD-Security)