This involves a problem with Digital Unix 4.x having a
predictable TCP sequence. I submitted this to their
response team a couple of months ago, and got this back
from them...
There's really no mention of the TCP sequence problem on
their website or in their docs, so this could be useful
to DUnix admins.
Jeremy
> ---------- Forwarded message ----------
> Date: Thu, 25 Sep 1997 09:38:20 -0600 (MDT)
> To: jeremy@copper.ucs.indiana.edu
> Subject: C970528-680: way to fix tcp/ip sequence predictability
>
> I heard from the Software Security Response team. Response attached.
> It indicates that the existing patches resolve this problem.
>
> Digital Equipment Corp.
> -------------
>
> Hello,
> This has certainly been a chase. It seems this has indeed been resolved in
> a patch available within the base level setld patches......
>
> This problem was fixed in the following:
>
> Version Patch
> ID
> ------- --------
> V4.0 OSF400-247
> V4.0A OSF405-071
> V4.0B OSF410-068
> V4.0C OSF415-410068
> extract: TCP code improvements:
>
> fully dynamic TCP hash table, can change size on the fly without having
> to reboot (tcbhashsize) support for TCP hash support for TCP hash table
> size larger than 1024 (tcbhashsize) improved TCP TCP timer algorithm
> eliminates a large percentage of the processing overhead needed to
> handle the tcp timer task more efficient port allocation code decreases
> outgoing connection overhead (ipport_userreserved) randomized TCP
> initial sequence number. IP reassembly fix for >12Gb memory systems and
> other minor TCP/IP bug fixes
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNDaIXO01h7o3msjVAQFoSQP/ZEwPq0jXqNajaJojPc7fXHwLTeq7Wmjv
H02WHFqnZOkD5owB12AH8LKJQanTxTUe20T4LsgzKqxA3CVg1LhOp0JcUt+sysCQ
KGwXmduPy4OmLOUMJwtQDFUNKEZCjENTFfLifQ0c9YBOCVO/VF5JZD4hbqRY1D1D
rxL83/V4LNg=
=BGn4
-----END PGP SIGNATURE-----