Subject: CERT Advisory / Statistical Weaknesses in TCP/IP Initial Sequence
To: None <tech-security@netbsd.org>
From: David Brownlee <abs@formula1.com>
List: tech-security
Date: 05/03/2001 11:34:52
Michal Zalewski <lcamtuf@bos.bindview.com> has released a paper
called "Strange Attractors and TCP/IP Sequence Number Analysis"
http://razor.bindview.com/publish/papers/tcpseq.html
on using dynamic system methods to analyze and predict TCP
initial sequence numbers.

It quotes a whole bunch of OS results, clumping NetBSD in with
FreeBSD as "not impressive, and can be qualified as a medium
to low risk system".

CERT has an advisory which does not mention NetBSD at all:
http://www.cert.org/advisories/CA-2001-09.html

The best values came from OpenBSD:
"The OpenBSD TCP/IP sequence number generator has recently
been rewritten by Niels Provos. New code is available, but
had not been included in any official release as of this
writing. According to Theo de Raadt, the code was finished
in December, and is supposed to be shipped with OpenBSD
2.9 in late May."

Has anyone looked at the OpenBSD code?
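As an added illustration (not part of the original post, and not code from Zalewski's paper or from any BSD stack): the kind of check a stack maintainer can run offline to see whether an ISN generator is trivially predictable. It builds the same kind of delay-coordinate points the paper's attractor analysis works on (successive ISN differences) and reports two defender-side metrics: how often a naive "next = last + last delta" guess lands within a tolerance window, and how spread out the delay-coordinate points are. Both generators below are constructed toy models with assumed parameters; the "weak" one mimics a fixed per-connection increment with small jitter, the "random" one draws each ISN from the OS CSPRNG.

```python
"""Added example: measure ISN predictability offline.

Toy generators only; they are constructed for illustration and do not
reproduce any real operating system's ISN code.
"""
import os
import random

MASK = 0xFFFFFFFF  # ISNs are 32-bit and wrap around


def weak_isn_stream(n, per_conn_step=64000, jitter=128, seed=1):
    """Constructed toy: ISN grows by a fixed step plus a little jitter per connection."""
    rng = random.Random(seed)  # seeded so the example is reproducible
    isn = 0
    out = []
    for _ in range(n):
        isn = (isn + per_conn_step + rng.randrange(jitter)) & MASK
        out.append(isn)
    return out


def random_isn_stream(n):
    """Constructed toy: each ISN is a fresh uniform 32-bit value from the OS CSPRNG."""
    return [int.from_bytes(os.urandom(4), "big") for _ in range(n)]


def delay_coordinates(isns):
    """Turn the ISN sequence into 3-D points of successive differences (mod 2^32).

    This is the delay-coordinate embedding the attractor analysis looks at:
    a generator with little entropy collapses onto a small region.
    """
    pts = []
    for i in range(3, len(isns)):
        deltas = tuple((isns[i - k] - isns[i - k - 1]) & MASK for k in range(3))
        pts.append(deltas)
    return pts


def predictability(isns, tolerance=1 << 12):
    """Fraction of ISNs a naive predictor (next = last + last delta) gets
    within +/- tolerance. Values near 1.0 mean the generator is guessable
    with almost no effort; a good generator scores near 0."""
    hits = 0
    trials = 0
    for i in range(2, len(isns)):
        last_delta = (isns[i - 1] - isns[i - 2]) & MASK
        predicted = (isns[i - 1] + last_delta) & MASK
        diff = (isns[i] - predicted) & MASK
        dist = min(diff, MASK + 1 - diff)  # distance on the 32-bit ring
        trials += 1
        if dist <= tolerance:
            hits += 1
    return hits / trials


def attractor_spread(isns, bucket_bits=16):
    """Share of delay-coordinate points that land in distinct coarse buckets.

    A low-entropy generator piles its points into a handful of buckets
    (ratio near 0); a well-randomised one fills distinct buckets (near 1).
    """
    pts = delay_coordinates(isns)
    buckets = {tuple(c >> bucket_bits for c in p) for p in pts}
    return len(buckets) / len(pts)


if __name__ == "__main__":
    for name, stream in (("weak", weak_isn_stream(1000)),
                         ("random", random_isn_stream(1000))):
        print(f"{name:6s} predictability={predictability(stream):.3f} "
              f"spread={attractor_spread(stream):.3f}")
```

Feeding real observed ISNs (one per connection, in order) into `predictability` and `attractor_spread` in place of the toy streams gives a quick first read on a stack before doing the fuller phase-space analysis the paper describes.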