On Tue, 11 May 2004, David Krause wrote:

: http://www.ietf.org/ietf/IPR/cisco-ipr-draft-ietf-tcpm-tcpsecure.txt

The same document that fully ignores that port number randomness will severely limit the risk of susceptibility to such an attack?

S**t, the only mention of port numbers at all is in the following text snippet:

=====
this means that most connections (assuming the attacker can accurately guess both ports) can be reset in under 200 seconds (usually far less).
=====

(Burp. Pardon me for the half-censored expletive.)

And exactly why are we supposed to assume that anyone can guess /both/ ports on any connection where the attacker is external? Oh, that's right, because we're all paranoid and gun-shy. (This /is/ NANOG, after all. 8-)

Sure, randomization doesn't help if someone netstat(8)s for connections while logged into a host, but reasonable admins shouldn't be letting unprivileged users see network info for critical services, or other users' connections for that matter. Read that as: "Don't make netstat setuid."

Gimme a break. This text is a half-baked concoction at best if the next draft still doesn't mention port randomization as a cheap and effective mitigator for external attack attempts. You can get at least 14 bits of entropy for one lousy arc4random() call. Enter as often as you like. No purchase required.

With this and the patent funny business, I don't know if I can roll my eyes any further into the back of my head.

-- 
-- Todd Vierling <tv@duh.org> <tv@pobox.com>
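The "14 bits for one arc4random() call" figure above is easy to make concrete. The following is an added example, not code from Todd Vierling's post, from the tcpsecure draft, or from any BSD kernel: it draws a local port uniformly from the IANA dynamic range 49152..65535 (16384 = 2^14 values, which is where the 14 bits come from), does so without modulo bias, and reports how much blind guessing that uniform draw forces on anyone off-host. It assumes /dev/urandom as the random source in place of arc4random(), so it also builds on systems whose libc lacks that call; the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Whole bits of entropy (floor of log2 of the span) a remote party must
 * overcome when the local port is drawn uniformly from [lo, hi].
 * Assumes lo <= hi. The IANA dynamic range 49152..65535 spans exactly
 * 2^14 values, the "14 bits" cited in the post above. */
unsigned port_entropy_bits(uint16_t lo, uint16_t hi)
{
    uint32_t span = (uint32_t)hi - (uint32_t)lo + 1;
    unsigned bits = 0;
    while (span > 1) {
        span >>= 1;
        bits++;
    }
    return bits;
}

/* Mean number of blind guesses needed to hit one uniformly chosen port when
 * no guess yields feedback: (span + 1) / 2. This is the cost randomization
 * adds; a sequentially allocated port is predictable from any earlier
 * connection a remote party happens to see. */
double mean_guesses_to_hit(uint16_t lo, uint16_t hi)
{
    double span = (double)hi - (double)lo + 1.0;
    return (span + 1.0) / 2.0;
}

/* Map a 32-bit random word onto [lo, hi] without modulo bias: words at or
 * above the largest multiple of the span are rejected so the caller draws
 * again. A biased mapping would quietly give some ports less than their
 * share of the 14 bits. Returns 1 and sets *port on success, 0 on reject. */
int map_to_port_range(uint32_t r, uint16_t lo, uint16_t hi, uint16_t *port)
{
    uint64_t span  = (uint64_t)hi - (uint64_t)lo + 1;
    uint64_t limit = (1ULL << 32) - ((1ULL << 32) % span);
    if ((uint64_t)r >= limit)
        return 0;
    *port = (uint16_t)(lo + (uint16_t)(r % span));
    return 1;
}

/* Pick one random local port. /dev/urandom stands in for the arc4random()
 * call mentioned in the post (assumption of this example). Returns 0, which
 * is never a valid ephemeral port, if the random source is unusable. */
uint16_t pick_ephemeral_port(uint16_t lo, uint16_t hi)
{
    FILE *src = fopen("/dev/urandom", "rb");
    uint16_t port = 0;
    if (src == NULL)
        return 0;
    for (int tries = 0; tries < 64; tries++) {
        uint32_t r;
        if (fread(&r, sizeof r, 1, src) != 1)
            break;
        if (map_to_port_range(r, lo, hi, &port))
            break;
    }
    fclose(src);
    return port;
}

int main(void)
{
    uint16_t lo = 49152, hi = 65535;
    printf("entropy over %u..%u: %u bits\n", lo, hi, port_entropy_bits(lo, hi));
    printf("mean blind guesses to hit one port: %.1f\n", mean_guesses_to_hit(lo, hi));
    printf("sample random local port: %u\n", pick_ephemeral_port(lo, hi));
    return 0;
}
```

The rejection step in map_to_port_range matters more than it looks: with a span that is not a power of two, plain `r % span` favours the low end of the range, and the draft's "guess both ports" assumption gets cheaper exactly where the distribution is skewed. Widening the draw to 1024..65535 buys almost two more bits on the same one-call budget.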