-
Notifications
You must be signed in to change notification settings - Fork 447
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use timestamps plus PRNG for TCP initial sequence number #24
Comments
Also see RFC 1948/6528 – timestamps have been augmented by a PRNG since to avoid sequence number attacks. |
@klickverbot Is there some source of truth for which RFCs are actually authoritative for TCP? RFC 793 is hopelessly outdated and has errata, RFC 1122 fixes some of that, highlights a few common errors, many of which I did make, but also piles completely useless junk on top of it (I think every ICMP message it specifically mentions except unreachables and echo request/reply is deprecated, strongly discouraged and ignored by any modern implementation). |
@whitequark: Unfortunately, I don't know of any up to date list of RFCs relevant for the various areas, but I found the review in RFC 7414 to be quite useful (from 2015). |
@klickverbot Thanks |
The timeouts for sending out IGMP reports could also use a PRNG. Could one be built with just an |
The TCP specification dictates a particular algorithm for the PRNG. While not great it's more complex than just the timestamp... |
We don't have a clock with the 4 us resolution as RFC 793 wants, but it's likely fine to use the 1 ms resolution clock too.
The text was updated successfully, but these errors were encountered: