[unisog] earlier report of SQL slapper worm
H. Morrow Long
morrow.long at yale.edu
Fri Jan 31 21:13:03 GMT 2003
Actually the article the URL you provide (while interesting) is
about the randomness (or lack thereof) of TCP ISNs (Initial Sequence Numbers)
in different platforms and TCP implementations -- not about generating
random IP addresses.
Robert Dormer wrote:
> most random IP number generators aren't perfectly random
>> The random IP number generation function was not perfectly random?
>> Russell Fulton wrote:
>>> One other thing that is puzzling us is that some machine that were
>>> vulnerable and exposed escaped, yet given the probing rate and the
>>> lenght of time before the traffic was blocked the probability of them
>>> not getting hit is very small (assuming uniform distribution). We
>>> therefore conclude (reductio ad adsurdum) that the distribution was non
>>> uniform and that we got lucky.
>>> Cheers, Russell.
> Robert Dormer
> Information Security - University of Pennsylvania
> phone: (215) 573 - 4574
> email: rdormer at isc.upenn.edu
> security: security at isc.upenn.edu
More information about the unisog