[unisog] earlier report of SQL slapper worm

Robert Dormer rdormer at pobox.upenn.edu
Fri Jan 31 15:26:28 GMT 2003


most random IP number generators aren't perfectly random

http://lcamtuf.coredump.cx/newtcp/


>The random IP number generation function was not perfectly random?
>
>Morrow
>
>Russell Fulton wrote:
>>One other thing that is puzzling us is that some machine that were
>>vulnerable and exposed escaped, yet given the probing rate and the
>>lenght of time before the traffic was blocked the probability of them
>>not getting hit is very small (assuming uniform distribution).  We
>>therefore conclude (reductio ad adsurdum) that the distribution was non
>>uniform and that we got lucky.
>>Cheers, Russell.

Regards,
Robert Dormer

=============
Information Security - University of Pennsylvania
phone: (215) 573 - 4574
email: rdormer at isc.upenn.edu
security: security at isc.upenn.edu





More information about the unisog mailing list