Graphing Randomness in TCP Initial Sequence Numbers

michael posted about 12 years ago | from the winning-lottery-numbers-in-there-somewhere dept.

Security 145

Saint Aardvark writes "This is neat: Graphic visualization of how random TCP Initial Sequence Numbers really are for different OSs. It's a great way of seeing how secure a TCP stack really is. Cisco IOS is great; OS9, OpenVMS and IRIX aren't. Posted to the ever-lovin' BugTraq mailing list." This is a follow-up to the previous report.


Previously posted.... (-1, Redundant)

eMilkshake (131623) | about 12 years ago | (#4236068)

at /.

Re:Previously posted.... (-1)

Anonymous Coward | about 12 years ago | (#4236077)

Previously commented on at /.

Re:Previously posted.... (0, Flamebait)

MrP- (45616) | about 12 years ago | (#4236082)

Wow, you can copy links!

Please note the following excerpt from the end of this article: "This is a follow-up to the previous report.".

"report" links to l


He's the troll? (-1)

cyborg_monkey (150790) | about 12 years ago | (#4236174)

Good job, karma whore.

Re:Previously posted.... (2, Interesting)

mvw (2916) | about 12 years ago | (#4236178)

Hm, I am not 100% sure, but isn't this the third time this article was featured on Slashdot?

But it is still a nice article, illustrating Knuth's advice simply to plot random numbers to visually quickly judge the quality of a pseudo random number generator.

Re:Previously posted.... (0)

Anonymous Coward | about 12 years ago | (#4236250)

There are a variety of true hardware random number generators. I just ran across a new one that looks pretty simple and would provide reasonable bit rates (that could at least be seeds to quasi-random number generators...) The reference is here:

Link []

Full details. (-1, Troll)

Anonymous Coward | about 12 years ago | (#4236075)

Most of you will know about this from a previous post of mine, however for full details on this story check this [] out

Re:Full details. (-1, Offtopic)

Anonymous Coward | about 12 years ago | (#4236092)

Great article, I think there's something in it for everyone. I recommend it thoroughly, a kind of laymans view of just what is possible.

PARENT LINK is goatse, the making off (-1, Offtopic)

YellowSubRoutine (230089) | about 12 years ago | (#4236103)

subject sais it all, don't look while eating

Re:No PARENT LINK is *NOT* goatse, the making off (-1, Flamebait)

Anonymous Coward | about 12 years ago | (#4236125)

Bullsh*t, you troll. You haven't even read the page, I'll bet.

remember 9/11 (-1)

sunken_ehime_maru (532081) | about 12 years ago | (#4236076)

The dead scream out for vengeance:
  1. Kill all Muslims.
  2. Kill llMohammedans.
  3. Kill all Arabs.
  4. Kill all Towel Heads.
  5. Kill all Camel Jockeys.
  6. Kill all Dune Coons.
  7. Kill all Islam.
  8. Nuke their countries to hell.
  9. Nuke them again.
  10. Death to Islam.

I piss on Mecca. I menstruate on the Koran. I shit on Mohammed.BR

Re:remember 9/11 (0)

Anonymous Coward | about 12 years ago | (#4236956)

you need some professional help.

amazing (5, Funny)

Phosphor3k (542747) | about 12 years ago | (#4236078)

He must be running a server with no tcp stack. heh.

Re:amazing (0)

Anonymous Coward | about 12 years ago | (#4236088)

or the sequence numbers are so random that it forgot what they were.

Re:amazing (0)

Anonymous Coward | about 12 years ago | (#4236760)

Actually the case is a firewall that is underdimensioned for the task.

Don't get too excited... (-1, Redundant)

Taylor_Durden (605279) | about 12 years ago | (#4236079)

The paper talks about a n-dimensional space, but only looks at the 3-dimensional case. It is totaly possible that the picture looks different at other dimensions (even at two), and spoofing works better when you use that as a basis. Which of course doesn't make the others more secure should they have better results at other dimensions - the worst case is still the worst case.
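Added example, not part of the comment above or of the linked paper: a small check of how the embedding dimension changes what a plot can reveal. Both sequences are constructed here and are not captured from any operating system, and using raw consecutive values as coordinates is an assumption of this sketch.

```python
import random

MOD = 2 ** 32


def lagged_sum_sequence(n, seed=1):
    """Constructed weak generator: every value is the sum of the previous
    two values modulo 2^32. Any single value, and any pair of consecutive
    values, looks well spread; the dependency only involves three values."""
    rng = random.Random(seed)
    a, b = rng.randrange(MOD), rng.randrange(MOD)
    out = []
    for _ in range(n):
        a, b = b, (a + b) % MOD
        out.append(b)
    return out


def reference_sequence(n, seed=2):
    """Constructed reference: independent 32-bit draws from Python's seeded
    Mersenne Twister. Used only as a yardstick for the occupancy figure."""
    rng = random.Random(seed)
    return [rng.randrange(MOD) for _ in range(n)]


def occupancy_ratio(seq, dim, bits=4):
    """Embed seq as points (s[i], ..., s[i+dim-1]), quantise every
    coordinate to its top `bits` bits, and return

        occupied grid cells / cells expected to be occupied by uniform points

    A value near 1.0 means the points fill the space the way uniform points
    would. A value far below 1.0 means they collapse onto a thin structure,
    which is what a phase-space plot shows as planes or clusters."""
    shift = 32 - bits
    points = len(seq) - dim + 1
    cells = {tuple(v >> shift for v in seq[i:i + dim]) for i in range(points)}
    total_cells = (1 << bits) ** dim
    expected = total_cells * (1 - (1 - 1 / total_cells) ** points)
    return len(cells) / expected


def report(n=4000):
    """Occupancy ratio of both constructed sequences in 2 and 3 dimensions."""
    sequences = {
        "lagged_sum": lagged_sum_sequence(n),
        "reference": reference_sequence(n),
    }
    return {
        name: {dim: round(occupancy_ratio(seq, dim), 3) for dim in (2, 3)}
        for name, seq in sequences.items()
    }


if __name__ == "__main__":
    for name, ratios in report().items():
        print(name, ratios)
```

The lagged-sum sequence fills the 2-dimensional grid but occupies at most two of the sixteen cells along the third axis for each pair of the first two, so its structure only appears in the 3-dimensional embedding.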

Re:Don't get too excited... (0, Funny)

Anonymous Coward | about 12 years ago | (#4236100)

It is a well known fact that all known existing hackers are 3-dimensional.

Usually, those 3 dimensions are stretched to the limit, but there's still only 3 of them.

Re:Don't get too excited... (0, Offtopic)

Anonymous Coward | about 12 years ago | (#4236180)

did you change your name and repost the same comment? or are you just repeating what someone else said?

you could at least have corrected the typo...

Re:Don't get too excited... (-1, Offtopic)

Anonymous Coward | about 12 years ago | (#4236202)

haha, dumbass!

You're ripping somebody elses comment, Moron.

Link Here []

Re:Don't get too excited... (-1)

Anonymous Coward | about 12 years ago | (#4236205)

You say that as if you think he doesn't know.

The "WTC" myth : come on ! (-1, Offtopic)

Anonymous Coward | about 12 years ago | (#4236097)

It amazes me that so many allegedly "educated" people have allowed themselves to be so swiftly deluded by a fraudulent fabrication of such ridiculous proportions. The very idea that not one, but two jumbo jets would crash themselves into a famous New York skyscraper -- in broad daylight with vigilant air-traffic controllers and tight airport security watching every move of every craft in the air -- is laughable. Furthermore, it is a horrendous affront to the world-renowned intellect and common sense of the American people. The fact that anyone could actually believe this is evidence that the Liberals -- after decades of waging war against intellectual integrity and honesty -- have finally ripped the few remaining, tenuous strands of control of our educational system from full-blooded, hard-working, God-fearing Americans.

As such wonderful documentaries as The Siege have so articulately exposed, the Liberal masterminds in Berkeley and their toadies throughout the nation have been silently waging war against the American people and their God-given rights to protect themselves, their worship, their family values, and their hard work. Much of this has been conducted under the guise of preventing "terrorism", a meaningless word engineered by radical left-wingers specifically to bring fear into the heart of honest Americans. Think about it -- can you remember any reference to so-called "terrorism" that occurred before Liberals invaded our government offices in the last decade? Of course you can't, because despite whatever the revisionist histories may tell you, there is no mention of any "terrorism" in classic literature before 1980. Only then did the neo-Marxists invent such absurd figures as Timothy McVeigh and Osama Bin Laden in order to legitimize their anti-freedom agenda, drowning the spirit of the American people in a blatantly-engineered machine of fear and mourning for "victims" of these "terrorist attacks".

In fact, it should be incredibly obvious that the concept of a 110-story building even being built, much less two, is a clear and obvious fraud. No documentation of these "twin towers" existed before a "terrorist attack" occured on the previously-nonexistent pair of skyscrapers on September the 11th. Due to this hoax being perpetrated by the Liberal-controlled media, suddenly people all over the world mourned the loss of thousands of people who had not existed before. Innocent men and women, brainwashed by the left-wing education institutions, gave firsthand accounts of losing relatives they never had until the "attack" happened.

But the most outrageous aspect of this hoax is the "Pentagon" -- a government office fabricated especially for this purpose. Liberal media claims this imaginary building to be "the center of America's defense system", although obviously an organization as proud and God-fearing as the United States Military would never think to station themselves in a building of five sides, so obviously close to the pentagram, mark of Lucifer himself. It is insulting to the nation's intelligence that eight hundred members of the world's proudest institution would be made to meet their Lord by something as graceful, efficient, and secure as our country's fine aviation system.

Don't let the devious tricks of the Liberals allow you, a citizen of the greatest nation this Earth has ever or will ever know, to surrender your freedoms. Any lesser nation would have succumbed to their wills long ago, and indeed the socialist states in Europe already have. It is only the superior resilience, pride, and intellect of America that has allowed it to withstand the constant threat of Liberal control.

Re:The "WTC" myth : come on ! (0)

Anonymous Coward | about 12 years ago | (#4237704)

i wish i could reach through the computer and strangle you.

New TCP/IP flags (5, Funny)

Tinfoil (109794) | about 12 years ago | (#4236109)

I propose a new flag in the standard TCP/IP packet. We shall call this the Slashdot Flag. The general purpose of this flag is to state whether or not the bandwidth limits of the server can handle the requirements a Slashdot posting can impose. If the flag is set false, Slashcode will automatically generate numerous, random, 'this page has been slashdotted' posts requesting a link to a mirror.

That being said, the page *is* finally loading up so I'm going to go look at some pictures now.

Re:New TCP/IP flags (2)

guacamole (24270) | about 12 years ago | (#4236240)

It won't really help. Something like that has already been considered.

Re:New TCP/IP flags (1, Troll)

Tinfoil (109794) | about 12 years ago | (#4236479)

Crap.. Who reads the FAQ's anyways.

Re:New TCP/IP flags (2)

kubrick (27291) | about 12 years ago | (#4236249)

I propose a new flag in the standard TCP/IP packet... If the flag is set false, Slashcode will automatically generate numerous, random, 'this page has been slashdotted' posts requesting a link to a mirror.

To misquote Douglas Adams: "There is another theory that states that this has already happened."


Re:New TCP/IP flags (0)

Anonymous Coward | about 12 years ago | (#4236783)

And again, bandwidth was not the reason why the page loaded slow.

2 things, first an underdimensioned firewall, which we are trying to fix atm.
Secondly, an unoptimized script on the page doing wc's on several thousand lines of logs each time someone opened the page.

Such flags exist (2)

yerricde (125198) | about 12 years ago | (#4237844)

I propose a new flag in the standard TCP/IP packet. We shall call this the Slashdot Flag.

There is already a flag in HTTP/1.1 (which operates on top of TCP) that allows Slashdot attacks to be detected. It's called the Referer: header. If the referer is then either refuse the visitor (bugzilla does this) or present a static page with low-resolution graphics.

Related story - (found on google) (-1, Troll)

Anonymous Coward | about 12 years ago | (#4236112)

A similar story which I found on Google can be found here [] . I don't think it is as spectacular as some things I've looked at (think goatse.. :-) ), but it'll be an eye-opener for those interested in TCP, and stacks in general.

Re:Related story - (found on google) (1)

painkillr (33398) | about 12 years ago | (#4237392)

Don't you think everyone here is intelligent enough to know to look at the link before they click it?

For gawd's sake, the link has "goatse" in it.

/.'ed in under 4 mins (-1, Redundant)

youngerpants (255314) | about 12 years ago | (#4236114)

Is this a record, can we run a book on how quickly we can /. microsoft


Already Slashdotted (5, Insightful)

Quixote (154172) | about 12 years ago | (#4236126)

The story's barely out on /. and it's already slashdotted.

/. story submission page should have a checkbox: "Please mirror the contents of this page (including graphics, which Google doesn't cache) before posting the story".

Re:Already Slashdotted (-1, Flamebait)

Anonymous Coward | about 12 years ago | (#4236158)

Google does cash images butfuck

Re:Already Slashdotted (-1)

Anonymous Coward | about 12 years ago | (#4236164)

Score 5?

The esteemed Don either has friends with mod-points or people really care about this mirror thing.

Re:Already Slashdotted (4, Informative)

chrisbolt (11273) | about 12 years ago | (#4236166)

I got part of it mirrored before it went down.

3rd parties don't have the authority (4, Insightful)

DrSkwid (118965) | about 12 years ago | (#4236175)

"Please could you violate the site's copyright before posting the story"

although "please use server as the proxy" for submissions could be a solution

could even set up Apache to do that on a url therefore subtly circumventing the copyright problem, banners could be passed through.

Re:Already Slashdotted (-1, Offtopic)

Anonymous Coward | about 12 years ago | (#4236213)

Yuropeens are stupid. They can't fuck with the Ford GT40.

It blew away Ferrari in the Lemans. Ferrari quit the race !!!

hahhaahah !!!!

I find it interesting (1, Interesting)

PhysicsGenius (565228) | about 12 years ago | (#4236134)

that Linux is apparently beneath their contempt. Do they know something we don't know?

(To those tempted to reply that "they know it's secure", I'd like to point out that assumed security without testing is exactly what keeps getting MS in trouble)

Re:I find it interesting (3, Informative)

OrangeSpyderMan (589635) | about 12 years ago | (#4236153)

You will find the original report here, and you might like to check out the linux section. Credit to a previous poster for that link, however.

spelling and grammar troll v1.5 (-1, Offtopic)

Anonymous Coward | about 12 years ago | (#4236138)

It has come to my attention that "slashdot", subsidiary of VA Software, is a refuge for people with a terrible sense for grammar and spelling. As a remediation, please accept the following recommendations about the use of some frequent linguistic expressions :
  • "Alot" vs. "A lot" : There is no such word as alot. In fact, when confronted with the word alot, ispell tells us the following : "how about : allot,aloe,aloft, alto, blot, clot, lot, plot, slot"
  • Just the fact moronic Americans pronounce Bernstein, neither, Einstein and other 'ei'-words as "Burnstean", "neather", "Ainstean", etc... doesn't mean they have to write those words "Bernstien", "niether" or "Einstien". Special mention to "thier", "becuase" and "amatuer".
  • "Than" vs. "Then" : Just the fact that in some inferior dialects of the English language, "than" and "then" are pronounced about the same way doesn't mean that the comparative "than" has any reason to be written as the conjunctive/logical "then".
  • Your vs. You're : The former means "not my, not his, not our", in other words it is a possessive. The latter is a shortcut for "You are". Similar point for There vs Their vs They're.
  • Hobbyist and lobbyist are not superlatives. Hence they musn't be written as hobbiest and lobbiest.
  • Thi fuct thit ya ridnucks prunince any avelible vowal as "uh" doesn't forbid you to open a book from time to time to actually build up some vocabulary. It's "ludicrous" and "compatible", not "ludacris" and "compatable".
  • Its vs It's. The former is the genitive form of "It" and will therefore make the following word an attribute of the word replaced by the pronoun. Example : illiteracy and its consequences. The latter is an shortcut for "It is". Example : Illiteracy. It's so annoying.
  • lose vs. loose : the first is the verb associated with a loss. The second is the contrary of "firm"
  • to vs too : Your spelling is too pathetic for your post to matter to me. The same goes forour grammar too.
  • I could (not) care less. Most people say "I could care less" when they don't give a flying fuck. If they really could care less, then their lack of interest isn't that big. What they mean is that they could not care less.
...many more to come. Reply to this comment to suggest some.

A definition of irony :
A bunch of computer nerds without a sense for spelling and grammar mocking japanese game translators for their lack of skills in english spelling and grammar.

Contribution by Erpo :
I'm not any kind of grammar nazi, but decent spelling and grammar are important to me. The occasional affect/effect problem doesn't bother me (it just lowers my opinion of the author), but when a piece is riddled with errors (there/they're/their, its/it's, then/than, etc..) it's hard for me to read. Partially, I think this is because I sight read and I don't subvocalize. In other words, when I see, "It's over their," in print the first thing I think is, "It's over their what? Is it hovering over their kitchen counter? Is it over their heads? What is this person trying to say?" Of course, I don't just sit there pondering those questions (it only takes a split second to see there was a grammar error in the sentence), but I can't read as quickly when every few lines my eyes flick back to an earlier word.

Maybe I'm just hypersensitive. I don't know. If you don't know what I'm talking about though, check out this piece by Prince. It doesn't have very many grammar problems, but the "creative" spelling is really distracting.

Re: spelling and grammar troll v1.5 (0)

Anonymous Coward | about 12 years ago | (#4237174)

Aren't there other things your more interested in then critisizing the grammer of other's?

Um, Why no Linux in the report (0, Troll)

jmcnamera (519408) | about 12 years ago | (#4236150)

Why isn't Linux tested in the report? Its certainly more common than many of the other selections.

Should we assume Linux matches *BSD or some other flavor? or do I need to read more carefully :-)

Re:Um, Why no Linux in the report (5, Informative)

Clover_Kicker (20761) | about 12 years ago | (#4236171)

>Why isn't Linux tested in the report? Its
>certainly more common than many of the other
>Should we assume Linux matches *BSD or some other
>flavor? or do I need to read more carefully :-)

You need to read more carefully.

In this section, we review a number of operating systems that were either identified as not satisfactory in the original publication, or were not covered by our research at the time. Several systems, such as Linux, use the same, satisfactory ISN generator as the one used a year ago, and because of that, are not covered here in any more detail.

GNU/Hurd (1)

KewLinux (217218) | about 12 years ago | (#4236160)

How about GNU/Hurd (I can't see if it's in the graph because of the ./ effect)? Last time I installed it (approximately six months ago) there was no random generation device...

Re:GNU/Hurd (-1, Flamebait)

Anonymous Coward | about 12 years ago | (#4236248)

This is esentially because GNU/Hurd isn't an OS. It's a kind of fap club for a few failed linux hackers to stroke each others cocks in. It uses linux drivers (old ones, 2.0.x mostly, just getting round to 2.2.x) for just about everything because the handful of developpers are too busy buttfucking each other to make it work. It's so damn slow that you don't anything more than a single http connection to DoS the thing. And it pisses memory like a sieve. All this and your worried about a random number generator.

Understanding Randomness (5, Insightful)

Nosher (574322) | about 12 years ago | (#4236182)

Lets face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself, and the humans that program these computers are almost utterly incapable of perceiving true randomness anyway. I'm waiting for the day when the national lottery comes up 1,2,3,4,5 with a bonus ball of 6. Society will crumble, public enquiries will be called for and conspiracy theorists will have something to bang on about for years. I think that barring the sudden development of Quantum x86 chips (at which point randomness becomes "real" and encryption becomes pretty much unbreakable), the only real solution for decent randomness must surely be TCP/IP seeding based on Lava Lamps

Re:Understanding Randomness (0)

Anonymous Coward | about 12 years ago | (#4236236)

Um, knowing the mood swings of some people I know, I would have to say that humans are quite good at randomness...

And you don't need quantum computers to do real randomness, all you need is this box from Id quantique.

To state the obvious, there's no question that computers, given enough processor power, can produce really good random numbers. But it's getting them produced efficiently en masse that is the problem...

Re:Understanding Randomness (1)

Nosher (574322) | about 12 years ago | (#4236265)

But what about determinism? At the moment, I'm pretty sure that computers can only do things based upon instructions, and cannot (yet) simply "make stuff up" out of nowhere. I'd agree to the extent that enough processor power allows for pretty good pseudo-randomness, but it's not the same thing as a truly random event (as it is surely imprisoned by the fact that it is *still* the result of pre-programmed, and thus deterministic, behaviour).

Re:Understanding Randomness (0)

Anonymous Coward | about 12 years ago | (#4236272)

You know about linux /dev/random ?

True, but... (0)

Anonymous Coward | about 12 years ago | (#4236309)

Realistically, the amount of time to crack a random number generating algorithm is NP which means it increases exponentially with the length of the algorithm. So I suppose you could say that some pseudo-random number generators are theoretically crackable, but if it takes longer than the age of the universe to crack them (which it will for large values of N), that's random enough for practical applications.

But to be abstract, if you define a computer as a universal Turing machine, a computer will *never* be able to be non-deterministic, no matter how fast it is or how many instructions it has.

OTOH you can graft randomness into it with such external things as the box I mentioned...And any REAL computer (as opposed to a turing machine) will stuff up occasionally (flip a flipflop to 1 instead of 0, etc.), so maybe this is a bit of nondeterminism?

Re:Understanding Randomness (1)

cs668 (89484) | about 12 years ago | (#4236576)

Usually some real world events are used to feed the entropy for the randomness.

For example the typing you do or the network packets generated on the network are used to make the deterministic random number generator more random.

Re:Understanding Randomness (2)

Christopher Thomas (11717) | about 12 years ago | (#4236336)

Lets face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself, and the humans that program these computers are almost utterly incapable of perceiving true randomness anyway.

Unless, of course, they're mathematicians, in which case they have a host of very powerful techniques for getting quite good evaluations of randomness, and a wide selection of sophisticated algorithms for producing really good pseudo-random sequences.

In summary, you are both overstating the problem and ignoring the vast body of experience built up for dealing with it.

You can also buy true random number generator cards off the shelf if you *really* can't live with a software solution. But be warned, these are susceptible to external influences (biasing them) and tend to be quite slow compared to PRNG techniques (even good PRNGs).

Re:Understanding Randomness (5, Interesting)

thomasj (36355) | about 12 years ago | (#4236602)

Lets face it: current computers and humans are both as bad as each other at randomness. The fact that computers have to "calculate" randomness is a bad sign in itself [...]

The funny thing is that it is really easy to construct a randomness hardware device. A zener diode can generate a lot of white noise just below its saturation point, so a circuit like this will do the trick:

For some reasonable values of the resistors and capacitors this would give a constant flow of ones and zeros that comes right out of the blue air (funny enough literally speaking) with more entropy than we will ever need.

Cost: less than one dollar.

Re:Understanding Randomness (2, Insightful)

Nosher (574322) | about 12 years ago | (#4236941)

Absolutely. I'm sure there are other, numerous, ways of utilising the properties of "hardware" to generate something far more random than a programming algorithm could ever achieve. And this is the paradox - why, when it is so straightforward (and cheap) to get true randomness from the unstable, analogue properties of simple electronic devices, do they not feature more commonly as a basic mobo component (whither the random number generator DIMM module?), in the way that, for example, there's *always* a system clock (or at least timer) available. Instead, more effort has been invested in trying to emulate randomness with increasingly complex software-based algorithms that can never be really random precisely because they are programs.

contact (0)

Anonymous Coward | about 12 years ago | (#4237435)


could you please tell me more about this hardware device you're diving a diagram about ? What are the exact components please ? :-)



Re:Understanding Randomness (3, Informative)

Graff (532189) | about 12 years ago | (#4238131)

The main problem is that this may not be as random as you may think. Many of these "random" fluctuations are actually fairly non-random, relating to electromagnetic fields around the circuit. So what may seem random one moment can become very non-random the next as the conditions around the circuit change. That being said, these kind of circuits could possibly serve as seeds to a random number generator. However, I'm unsure if it would be better to have a regular, dependable seed device such as a clock, or to have a semi-random, unreliable device such as the circuit you have proposed.

Re:Understanding Randomness -- relevance to ISNs (1)

Old time hacker (302793) | about 12 years ago | (#4236980)

There is a problem with using true random numbers for ISNs -- this is that the new ISN for a TCP connection (srcip/dstip/srcport/dstport) should not be in the range of the window (?) of an earlier instance of the same connection quadruple. Why? If one of the endpoints gets rebooted and loses state while the connection is open to the other end, then it is important that the other end is able to recognize that the new SYN packet is a truly new connection (and so the old connection should be destroyed). Otherwise, the new SYN looks like a duplicate of the original SYN which has spent a long time wandering around the network. This is the reason that the ISN calculation was defined to use a clock in the original RFC.

You may think that having a duplicate quadruple is unlikely, but that isn't true. The most common quadruples are: your ip, your port just a bit bigger than 1024, your http proxy server ip, port 80.

Using a random local port also helps, though I don't know of systems that do that for TCP.
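Added example, not part of the comment above: RFC 1948 (later RFC 6528) reconciles the clock requirement described there with unpredictability by computing ISN = M + F(local IP, local port, remote IP, remote port, secret), where M is the 4-microsecond clock. This sketch uses HMAC-SHA256 as F instead of the MD5 the RFC suggests; the addresses, ports and secret are constructed sample values.

```python
import hashlib
import hmac
import ipaddress
import struct

ISN_MOD = 2 ** 32
TICK_US = 4  # the ISN clock of the original TCP spec ticks every 4 microseconds


def isn_offset(secret, src_ip, src_port, dst_ip, dst_port):
    """F(): keyed hash of the connection quadruple, truncated to 32 bits.

    Without the secret, the offset of one quadruple says nothing about the
    offset of another, so ISNs seen on one's own connection do not help in
    guessing the ISN of somebody else's connection."""
    msg = (
        ipaddress.ip_address(src_ip).packed
        + struct.pack("!H", src_port)
        + ipaddress.ip_address(dst_ip).packed
        + struct.pack("!H", dst_port)
    )
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")


def generate_isn(secret, quadruple, now_us):
    """ISN = M + F(quadruple, secret) modulo 2^32.

    M keeps the ISNs of one quadruple moving forward with time, which is the
    property the comment asks for; F supplies the per-connection secrecy."""
    m = (now_us // TICK_US) % ISN_MOD
    return (m + isn_offset(secret, *quadruple)) % ISN_MOD


def seq_after(a, b):
    """True if sequence number a is later than b in 32-bit wraparound order."""
    return 0 < ((a - b) % ISN_MOD) < 2 ** 31


def demo():
    # Constructed sample values. A real stack would draw the secret from the
    # system CSPRNG (assumption of this sketch) and never expose it.
    secret = b"constructed-sample-secret"
    proxy_conn = ("192.0.2.10", 1025, "198.51.100.5", 80)
    other_conn = ("192.0.2.10", 1026, "198.51.100.5", 80)

    first = generate_isn(secret, proxy_conn, now_us=1_000_000)
    reopened = generate_isn(secret, proxy_conn, now_us=2_000_000)
    neighbour = generate_isn(secret, other_conn, now_us=2_000_000)
    return {
        # Same quadruple one second later: advanced by exactly the clock.
        "same_quadruple_step": (reopened - first) % ISN_MOD,
        "reopened_is_later": seq_after(reopened, first),
        # Adjacent source port at the same instant: unrelated offset.
        "neighbour_gap": (neighbour - reopened) % ISN_MOD,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```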

Re:Understanding Randomness (1)

djtack (545324) | about 12 years ago | (#4237773)

Lets face it: current computers and humans are both as bad as each other at randomness.

Actually, computers can be quite good at randomness. You know about linux's /dev/random, right? It basically uses a very precise clock to measure the elapsed time between system interrupts, and uses the least significant bits. Since these interrupts are generated by events external to the computer (mouse movement, network events, etc.) the distribution is truly random.

I'm waiting for the day when the national lottery comes up 1,2,3,4,5 with a bonus ball of 6.

Why would that number combination be a problem? It's just as likely to occur as any other number set. In fact, if you are trying to pick a winning number, this would be a wise choice, since you are less likely to have to share the jackpot with someone else should you win (because most people believe that an obvious pattern like that is less likely to occur, and will avoid picking such sets).

Re:Understanding Randomness (2)

ryanvm (247662) | about 12 years ago | (#4237860)

I'm waiting for the day when the national lottery comes up 1,2,3,4,5 with a bonus ball of 6.

Well, since the odds are only 1 in a million (literally) that it will ever happen, I wouldn't hold my breath.

Re:Understanding Randomness (1)

hmallett (531047) | about 12 years ago | (#4238121)

I'm waiting for the day when the national lottery comes up 1,2,3,4,5 with a bonus ball of 6. Society will crumble, public enquiries will be called for and conspiracy theorists will have something to bang on about for years

Maybe that's because the national lottery draws six balls plus the bonus ball....
Still, it would stop anyone winning the jackpot.

I am a real American (-1, Troll)

Anonymous Coward | about 12 years ago | (#4236198)

I like big cars, big guns, big motorcycles, and big tits. I believe the money I make belongs to me and my family, not some mid-level governmental functionary with a bad comb-over who wants to give it away to crack addicts squeezing out babies.

I don't care about appearing compassionate. I think playing with guns doesn't make you a killer. I believe it's called the Boy Scouts for a reason. I think I'm better than the homeless. I don't think being a minority makes you noble or victimized. I don't care if you call me a racist, a homophobe or a misogynist. I am not tolerant of others just because they are different.

I know that no matter how big Jennifer Lopez's ass gets, I'll still want to see it. I don't celebrate Kwanzaa. I believe that if you are selling me a Big Mac, you do it in English. I don't use the excuse "it's for the children" as a shield for unpopular opinions or actions.

I want to know when MTV became such crap. I think getting a hummer is sex, and every man is entitled to at least one extremely sloppy one per month.

I know what the definition of lying is. I think Oprah's eyes are way too far apart. I didn't take the initiative in inventing the Internet.

I want them to bring back safe and sane fireworks.

I believe no one ever died because of something Ozzy Osborne, Ice-T or Marilyn Manson sang. I think that being a student doesn't give you any more enlightenment than working at Blockbuster.

I don't want to eat or drink anything with the words light, lite or fat-free on the package. I believe everyone has a right to pray to his or her God or gods, and they can do it in their schools. I think the Clippers should play in the WNBA.

My heroes are John Wayne, Ronald Reagan, Norman Schwartzkopf, Colin Powell and whoever canceled Dr. Quinn Medicine Woman. I think creative violence and useless nudity and sex makes Iraqis deader and movies more interesting.

I don't hate the rich. I don't pity the poor. I know wrestling is fake, but I still think The Rock could kick my butt. I think global warming is junk science. I've never owned or was a slave, I didn't wander forty years in the desert after getting chased out of Egypt, I haven't burned any witches or been persecuted by the Turks and neither have you, so shut-the-fuck-up already.

Rocky and Bullwinkle still makes me laugh. I think you can respect and admire women while mentally undressing them. I believe a self-righteous liberal with a cause is more dangerous than a Play Station.

I want to know which church is it exactly where the Rev. Jesse Jackson preaches. I think explosions are cool. I don't care where Ellen DeGeneres puts her tongue. I think the cops have every right to shoot your sorry ass if you're running from them. I thought Spinal Tap was great, but Rob Reiner can still kiss my ass.

I worry about dying before I get even.

I like the convenience of buying oranges while I'm waiting at a stoplight, and I'm pretty sure the Latina midget selling them to me is glad she no longer lives in a refrigerator packing carton outside Ensenada.

I figured out Bruce Willis was dead midway through The Sixth Sense but enjoyed it anyway. I think turkey bacon sucks. I want somebody to explain to me exactly why it's wrong to point out that when I watch a freeway chase, I know the losers the police eventually pull out of the car are gonna be gang-banging homies or hispanics.

I believe that it doesn't take a village to raise a child, it takes a parent. I think tattoos and piercings are fine if you want them, but please don't pretend they are a political statement and not a fad. I like hard women, hard liquor and a hard bowel movement first thing in the morning.

I believe you don't have to speak with a lisp to pick out a couch for your living room.

I'll admit that the only movies that ever made me cry were Sands of Iwo Jima and Old Yeller. I didn't realize Dr. Seuss was a genius until I had a kid. I will not conform or compromise just to keep from hurting somebody's feelings. Making love is fine, but sometimes I just wanna get laid.

I'm neither angry nor disenfranchised, no matter how desperately the mainstream media would like the world to believe otherwise.

YES, I'm a BAD American...... >:-)

Interesting... (0, Redundant)

tilleyrw (56427) | about 12 years ago | (#4236216)

I think it's interesting that the graph for Windows 2000 and NT4 SP6a is not available.

Might this be a bit of an MS-led DNS attack?

Re:Interesting... (2)

jonr (1130) | about 12 years ago | (#4236293)

Is this a subtle joke? Maybe the graphs are not available because of the /. effect? DUH!
At least I am seeing it very clearly.
And the moderators are on crack again.

Re:Interesting... (0)

Anonymous Coward | about 12 years ago | (#4236320)

They are in the previous report. The new report only covers new things and things which have changed. This is mentioned in the introductory part of the report.

Re:Interesting... (2)

IPFreely (47576) | about 12 years ago | (#4236589)

They did show the graph for Win2000 SP2 and WinXP, along with the quote:

One year later, we find that both Windows 2000 SP2 and Windows XP still use essentially the same ISN generator

One might presume from this that the available graph is suitable for all of them.

I doubt MS had anything to do with the content of the report. The authors simply saved space by showing one graph for all of them.

tc/ip (0, Interesting)

Anonymous Coward | about 12 years ago | (#4236220)

Question: how can you tell a TCP/IP stack is from Windows versus Linux?

Re:tc/ip (-1)

Anonymous Coward | about 12 years ago | (#4236237)

If the destination address is then the packet is from Linux.

Which OS9? (1)

MainframeKiller (105858) | about 12 years ago | (#4236251)

Is it Microware's OS-9 [] , or Apple Mac OS 9?

Re:Which OS9? (1)

3.5 stripes (578410) | about 12 years ago | (#4236305)

I believe Mac OS9, the first report says it wasn't all that great.

It's Microware (0)

Anonymous Coward | about 12 years ago | (#4236587)

Unless Apple decided to start adding a version number to the version number, I think we can assume it is Microware's OS-9.

Re:It's Microware (2)

jweatherley (457715) | about 12 years ago | (#4237841)

Unless Apple decided to start adding a version number to the version number

You mean like MacOS X 10? ;)

Lessons in RNG (2, Insightful)

Anonymous Coward | about 12 years ago | (#4236281)

Posting anonymously because I'm not a whore.

Given that the server is slashdotted, here are a few facts about pseudo-random number generators:

Linear Congruential Generators are infamous for certain weaknesses, most notably that n-tuples fall "mainly on the planes": they lie on hyperplanes in higher dimensional space, depending on the additive and multiplicative parameters chosen.

This doesn't mean that they are any worse for cryptography purposes, because even if you choose parameters that aren't as bad, once the generator parameters are determined and a seed is found, the sequence is deterministic.

But, all is not lost. Modern generators often use shuffling techniques, where you keep track of a few dozen numbers at a time, and then pick one number to determine which of the pool to select, and a second number to replace that selected number. Even a poor LCG when accompanied by such a shuffling technique can perform well. Well, not a really poor one--IIRC randu had problems that shuffling would not fix. I believe the GNU lrand48 and friends use this shuffling technique, as well as CMUCL. I suppose this can be even better if you populate the initial pool of numbers from outside the pseudo-random sequence, so that the potential attacker has almost no shot at figuring out what your seeds are, but to scientists who aren't worried about cryptographic purposes, that is counter-productive. I believe that there are some generators that have been proven 'non-invertible'--you can not go backwards in the sequence except by performing brute force search. Whether or not TCP geeks use these is beyond my knowledge.

But, all is still not safe. You have to be careful about how you change your random number into a usable number. Often people use the high-order bits (e.g., they multiply by some number and then round off). This can be a mistake (of course depending on what your generator really is, and what your purposes are).
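The lattice structure and the pool shuffle described in the comment above, as an added example that is not part of the original post. It uses RANDU (the generator the comment names) and checks the one linear relation that ties its consecutive triples together; the pool size of 32 and the sample length are assumptions.

```python
"""RANDU's lattice structure, and the pool shuffle described in the comment above."""
from itertools import islice

M = 2**31  # RANDU modulus


def randu(seed):
    """RANDU: x_{k+1} = 65539 * x_k mod 2^31. The seed must be odd."""
    x = seed
    while True:
        x = (65539 * x) % M
        yield x


def shuffled(gen, pool_size=32):
    """Pool shuffle: one draw picks a slot, the next draw refills it.

    pool_size is an assumption; the comment only says "a few dozen numbers".
    """
    pool = [next(gen) for _ in range(pool_size)]
    while True:
        slot = next(gen) * pool_size // M  # high-order bits select the slot
        out = pool[slot]
        pool[slot] = next(gen)
        yield out


def fraction_on_lattice(seq):
    """Share of consecutive triples with x[k+2] - 6*x[k+1] + 9*x[k] == 0 (mod 2^31).

    65539 = 2^16 + 3, so 65539^2 = 6*65539 - 9 (mod 2^31). Every raw RANDU
    triple therefore satisfies this relation, which is what confines the
    points (x[k], x[k+1], x[k+2]) to a small number of parallel planes.
    """
    triples = len(seq) - 2
    hits = sum(
        1 for k in range(triples)
        if (seq[k + 2] - 6 * seq[k + 1] + 9 * seq[k]) % M == 0
    )
    return hits / triples


def sample(gen, n=2000):
    """Take the first n outputs of a generator as a list."""
    return list(islice(gen, n))


if __name__ == "__main__":
    raw = sample(randu(1))
    mixed = sample(shuffled(randu(1)))
    print("raw RANDU triples on the lattice:     ", fraction_on_lattice(raw))
    print("shuffled RANDU triples on the lattice:", fraction_on_lattice(mixed))
```

The shuffle breaks up this particular relation between consecutive outputs, but the stream is still a deterministic function of the seed, which is the point the comment makes about cryptographic use.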

I'm glad I got to look at this page this morning. (1)

3.5 stripes (578410) | about 12 years ago | (#4236289)

When I saw it in the Bugtraq mailing list.

Extremely interesting, I'm probably just uninformed, but this has been one of the first examples I've seen where a 3d rendering has been used to express data in a way that makes any sense to me (I am mathematically challenged).

Mirror in case of further slashdotting (2, Informative)

vidnet (580068) | about 12 years ago | (#4236300)

I got through fairly easily, but just in case it gets worse, Here's [] a mirror.

It's just a 133mhz netbsd box on a home adsl line though, but I figured the more the merrier.

Re:Mirror in case of further slashdotting (2, Funny)

Koyaanisqatsi (581196) | about 12 years ago | (#4237466)

It's just a 133mhz netbsd box (...)

Gosh, what all those years of slashdot have done to me? I actually read "It's just a leemhz netbsd box" once or twice before turning off my automatic l337 translator.

I need to get out more ...

NextStep? (2)

norwoodites (226775) | about 12 years ago | (#4236338)

Why test NextStep? Because he still uses it? It will not and has not been upgraded in about 5 years unless you count Mac OS X as the upgrade (which it is).

Re:NextStep? (2)

squaretorus (459130) | about 12 years ago | (#4236496)

It is always worth testing some bizarro platforms if only to show how much / little progress has been made since they were more common.

One of the problems I have with the standard 3D card benchmarks is that they progress too quickly. My VoodooBanshee scored pretty well when it was bought, and I still use it in my 3rd machine, but I have no way of seeing how well it performs against the current crop because the benchmark tools are annual releases, and the scoring changes so much.

It would be good if these had a popular old system from 1, 2 and 3 years ago to run the same tests on. It would probably result in more sales from us 'don't really know/care' guys because we'd suddenly know that we are only 22% as good as a new card costing just £150.

this is GREAT! (0)

hfastedge (542013) | about 12 years ago | (#4236375)

If you've read Stephen Wolfram's "A New Kind of Science", this is exactly the type of graphical thinking he advocates.

Don't click the link in the story. (0)

Anonymous Coward | about 12 years ago | (#4236379)

Don't click the link in the story. It's a fake linked to []

God they are not afraid of DMCA (0, Redundant)

anandsr (148302) | about 12 years ago | (#4236395)

These people should be put behind bars for trying to crack the TCP/IP stack. They have also attacked so many different OS's. At least MS should sue them.

Any hw based ISN generators? (4, Interesting)

ch-chuck (9622) | about 12 years ago | (#4236410)

't be cool to have a board with a bit of radioactive alpha source and a counter to make genuine random numbers. Like this [] , or, ha, here's [] one (3rd from the top) that proposes using disk drive air turbulence to generate random numbers!

Linux?? (1)

jfinke (68409) | about 12 years ago | (#4236673)

Is it just me or was there no Linux graph? Or because it was listed in the previous test?? Even then, they just tested 2.2...

Re:Linux?? (4, Informative)

raynet (51803) | about 12 years ago | (#4236845)

If you read the article, it says:

3. New evidence

In this section, we review a number of operating systems that were either identified as not satisfactory in the original publication, or were not covered by our research at the time. Several systems, such as Linux, use the same, satisfactory ISN generator as the one used a year ago, and because of that, are not covered here in any more detail.

Re:Linux?? (0)

Anonymous Coward | about 12 years ago | (#4236880)

Yes, it's because it was done in the previous test. It was found to be suitably secure, and no major improvements have been made. Testing again would just be redundant.

AIX, NeXt, OS/400, Tru64, IRIX the worst (1)

operagost (62405) | about 12 years ago | (#4236766)

These operating systems were all 100% predictable- why was OpenVMS mentioned as being one of the worst? Frankly, it did poorly for an OS that has always been presented as an example of great security, but I don't think the obsolete VAX platform represents the typical OpenVMS installation anymore. A test of OpenVMS Alpha would have been more useful. It's possible that there's a difference.

This is funny... (1)

octogen (540500) | about 12 years ago | (#4236785)

...mostly because OpenVMS people tend to think, that 'their' OS is the most secure one on this planet (just like OpenBSD developers do, too).

Compared to Standard-Unices, OpenVMS might offer superior security, mostly because of the privilege model it utilizes instead of giving all-powerful root privileges to many user space applications.

On the other hand, we've got OSs which have much more sophisticated security than OpenVMS.
First, there is IBM's AS/400, which has got a privilege model quite similar in extent to the one used in OpenVMS, but additionally it has object-based design, and therefore object-based security (type enforcement and such...). However, it lacks Mandatory Access Control, TCB, Trusted Path and some other things mostly required by military and/or government environments, and therefore it only achieves a C2 security rating.
And then there are a couple of really secure Trusted Unices/Unix-style OSs, like Trusted Solaris, the Pitbull Addon for Solaris and AIX, Trusted IRIX, or XTS/400.
Just talking about fine-grained privilege controls: Argus' Pitbull has got around 100 privileges, how many privileges are there on an OpenVMS box?

No OS has ever received an A1 security branding. And the only OS which has ever received a B3 security branding, is actually a Trusted Unix Environment, something like a Unix clone with some proprietary security mechanisms built into the kernel (OpenVMS was B1 or maybe B2, iirc).


Regarding secure TCP/IP initial sequence number generation, it does not take a Trusted OS to just generate secure sequence numbers.

About two months ago, I compared initial sequence number generation on the following OSs using nmap:
* Windows 95
* Windows ME
* Linux 2.2.x
* Windows 2000 (plain)
* Windows 2000 (with Norton Internet security installed)
* OS/2 Warp Server Advanced 4.0 (default install)
* Sun Solaris 7 x86 (with tcp_strong_iss set to 2)

The results were pretty interesting and also a bit surprising:
Windows 95 was worst (ok, that's not surprising ;-), nmap rating ~10
Then came OS/2, which was not much better, nmap rating ~ 1000
(BTW: does anyone have nmap results from OS/390 or OS/400?)
Even Windows ME was a bit better than OS/2, but still far away from being secure, nmap rating ~ 8000
There was little difference between Win2k with Norton's Firewall (~12000) and Win2k without the Firewall (~15000)
Linux' results were quite good, nmap rating approximately some hundred-thousands or millions
Solaris with tcp_strong_iss set to 2 seemed to offer really strong sequence number generation, so nmap just printed a lot of 9s


Additional information:
Here [] is nmap.
Here [] is Argus Systems (EAL4 security for Solaris/AIX)
Here [] is IBM's AS/400
Here [] is Getronics (B3 secure Unix Environment running Unix and Linux applications)
And finally, here [] is OpenVMS

Re:This is funny... (1)

Shimbo (100005) | about 12 years ago | (#4237662)

...mostly because OpenVMS people tend to think, that 'their' OS is the most secure one on this planet

Well some no doubt do. But the bundled TCP/IP stack has been a poor relation for years, and the reaction of typical VMSers to TCP/IP problems is often "well the IP code was mostly written by UNIX guys, what do you expect"? However, anyone with a clue knows that basic Internet protocol improvements tend to appear first on BSD or Linux and work its way round.

Anyway TCPIP 5.1 (unpatched?) is hardly the latest, even for VMS. It long predates the initial article for a start; it would be interesting to know how current versions look.

What about home router sequence numbers? (1, Interesting)

Anonymous Coward | about 12 years ago | (#4236827)

What about LinkSys, Netgear, SMC, Assante, DLink and other home routers? How good are their sequence numbers?

Re:What about home router sequence numbers? (1, Informative)

Anonymous Coward | about 12 years ago | (#4236840)


Most of them have constant or +1 ISNs. Some advanced ones have +64k.
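A simplified check for the ISN behaviours named in this thread (constant, +1, +64k steps, and the weak-to-strong spread reported in the nmap comparison further up), as an added example that is not part of any comment and is not nmap's algorithm or rating. The cut-offs `MIN_STEP` and `SMALL_DELTA`, the helper names and every sample value are assumptions constructed for illustration.

```python
"""Classify a run of sampled TCP initial sequence numbers by their increments."""
from functools import reduce
from math import gcd

MOD = 2**32          # sequence numbers are 32-bit and wrap around
MIN_STEP = 1000      # assumed cut-off: a shared factor this large is a design choice
SMALL_DELTA = 2**24  # assumed cut-off for counter- or clock-driven increments


def deltas(isns):
    """Differences between consecutive ISNs, taken modulo 2^32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def classify(isns):
    """Return (label, step) for ISNs listed in the order the connections were made."""
    if len(isns) < 4:
        raise ValueError("need at least 4 samples")
    d = deltas(isns)
    if all(x == 0 for x in d):
        return ("constant", 0)
    if len(set(d)) == 1:
        return ("fixed increment", d[0])
    step = reduce(gcd, d)
    if step >= MIN_STEP:
        return ("multiples of a fixed step", step)
    if max(d) < SMALL_DELTA:
        return ("small positive increments", max(d))
    return ("no simple arithmetic pattern", None)


def walk(start, steps):
    """Build a constructed ISN series from a start value and a list of increments."""
    out = [start]
    for s in steps:
        out.append((out[-1] + s) % MOD)
    return out


# Constructed samples, not captured from any real device.
SAMPLES = {
    "constant": [0x1000] * 8,
    "+1 across the wrap": walk(0xFFFFFFFC, [1] * 7),
    "64000 per tick": walk(0x2000, [64000 * k for k in (1, 1, 2, 1, 3, 1, 1)]),
    "clock-like": walk(0x5000, [1203, 998, 1507, 1100, 1320, 905, 1411]),
    "random-looking": [0x7A3F91C2, 0xFA3F91C2, 0x1D04E6B9, 0xC85A2F17,
                       0x53E90D4A, 0xE1B7638C, 0x0F92A5D3, 0xA6C41E79],
}

if __name__ == "__main__":
    for name, isns in SAMPLES.items():
        print(f"{name:20s} -> {classify(isns)}")
```

A result of "no simple arithmetic pattern" only rules out the crudest generators; it says nothing about subtler structure of the kind the plots in the linked report are meant to expose.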

Re:What about home router sequence numbers? (3, Informative)

mkettler (6309) | about 12 years ago | (#4237371)

Agreed, such devices tend to have poor ISNs, but then again, they are for home use, and the ports they serve only respond on the INSIDE. Outbound traffic passes thru with more-or-less the same ISN it started with.

Unless you don't trust people on your home lan, it's not much of an issue. Yes, it should be done right, but the only people that can exploit this are those within your network. If they are in your home, they can do much worse than hijack your session as you configure the router.

As for outbound traffic, if you connect to an outside website from an inside PC, it uses the ISN that the PC generated and doesn't change it or adds some simple fixed constant. It still retains all of the entropy of the original PC's ISN. Nobody from the outside should be able to connect to the configuration server in the "DSL router" device. Hence, nobody from the outside really sees the poor entropy of the DSLRouter's ISNs.

Only higher-end firewall products, ie: the cisco PIX, attempt to mangle the ISN generation as they translate hosts. Most of the simple products do not, and certainly none of the $100 DSL routers do.

Also good ISN generation is actually important to more "commercial" grade routers, since these devices are sometimes deployed and administered remotely, generate tunnels, etc. Thus these routers/firewalls sometimes have exposed ports, or exposed client traffic on a public network as they are being reconfigured.

Of course, many are only configured locally, or over a local LAN, which makes the risk a lot lower, but also users on corporate lans are generally less trusted than those in your own home.

Re:What about home router sequence numbers? (2)

A Commentor (459578) | about 12 years ago | (#4237504)

But since a lot of home users are buying Wireless Routers. They face a similar attack from the wireless interface as from the public internet...

"clearly it is a bunny rabbit" (2, Funny)

Anonymous Coward | about 12 years ago | (#4236853)

Not being well versed in statistics and math in general, I was struck by the resemblance of some of these pictures to images that I've seen of far off galaxies and star clusters. Could it be that we live in a very high resolution of a randomness graph from some other universe???

Wrong stack for OpenVMS (2)

glenmark (446320) | about 12 years ago | (#4237261)

"...OpenVMS and IRIX aren't."

You are overlooking the fact that most OpenVMS installations use third party TCP/IP stacks, generally Multinet [] or TCPware [] from Process Software [] (the CMU stack being largely defunct now), which do not suffer from this defect. This is largely because the initial implementation of DEC's TCP/IP stack, UCX, was buggy as hell and lacked many features, although it is finally starting to catch up.

Not that it matters much anyway. This predictable ISN weakness only threatens systems configured to trust others based solely upon their IP address (a bad idea). The only ways to crack a properly configured OpenVMS system currently involve (1)physical access to the console, (2) "social hacking" (tricking someone into telling you their password), or (3) packet sniffing for protocols which pass unencrypted passwords such as POP3 and telnet (easily solved by disabling such nonsecure protocols); three vulnerabilities which pose a threat to any OS, no matter how well designed. Nice having an OS which cannot be compromised via buffer overflow exploits (OpenVMS discards data from buffer overflows and raises an exception, always. Overflowing data cannot be executed).

Re:Wrong stack for OpenVMS (0)

Anonymous Coward | about 12 years ago | (#4237723)

Hey, you left off 4) Hijacking someone's already authenticated network connection.

Small detail (1)

len-netsys (598524) | about 12 years ago | (#4237606)

Actually it was sent to the full disclosure mailing list members at least 14 hours before bugtraq members, but that's ok, some people like old news :)

They need (1)

OpCode42 (253084) | about 12 years ago | (#4237622)

a couple of wires suspended is a good brownian motion generator, like a nice hot cup of tea... :)

yawn (0)

Anonymous Coward | about 12 years ago | (#4237791)

surprisingly, this is the third time I've seen this article on slashdot. get a clue. thanks.

Stance for ISP web proxies (1)

josh crawley (537561) | about 12 years ago | (#4237863)

I'm seeing tons of people complaining how badly this site got slashdotted. I also remember from the last time, when it did too. However, after reading a few articles about "slashdotted" solutions, I clicked the link, and here it is...

I could see what people are trying to mirror. I remember an article bitching about squid servers in ISP's, but I'm happy if I can get my stuff.

Will HPQ Sue? (1)

russotto (537200) | about 12 years ago | (#4238017)

I noticed Tru64 is shown to be insecure... can HPCompaq invent a reason to sue the authors?