[unisog] earlier report of SQL slapper worm

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Fri Jan 31 21:55:04 GMT 2003


On Fri, 31 Jan 2003 16:13:03 EST, "H. Morrow Long" said:
> Actually the article the URL you provide (while interesting) is
> about the randomness (or lack thereof) of TCP ISNs (Initial Sequence Numbers)
> in different platforms and TCP implementations  -- not about generating
> random IP addresses.

The point was that the lack of randomness was found in TCP stacks that had
supposedly been intentionally hardened to create unpredictable ISNs.  We're
talking here about code from major vendors who were motivated to do it right.

It's not at all surprising that J Random Hacker does an even worse job.
-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20030131/0d03f2c9/attachment-0007.bin


More information about the unisog mailing list