[unisog] earlier report of SQL slapper worm

Robert Dormer rdormer at pobox.upenn.edu
Fri Jan 31 15:26:28 GMT 2003

most random IP number generators aren't perfectly random


>The random IP number generation function was not perfectly random?
>Russell Fulton wrote:
>>One other thing that is puzzling us is that some machine that were
>>vulnerable and exposed escaped, yet given the probing rate and the
>>lenght of time before the traffic was blocked the probability of them
>>not getting hit is very small (assuming uniform distribution).  We
>>therefore conclude (reductio ad adsurdum) that the distribution was non
>>uniform and that we got lucky.
>>Cheers, Russell.

Robert Dormer

Information Security - University of Pennsylvania
phone: (215) 573 - 4574
email: rdormer at isc.upenn.edu
security: security at isc.upenn.edu

More information about the unisog mailing list