LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Does it matter?

Does it matter?

Posted Aug 19, 2011 23:49 UTC (Fri) by pflugstad (subscriber, #224)
In reply to: Does it matter? by njs
Parent article: Unpredictable sequence numbers

I think you missed epa's point.

Even being able to predict TCP sequence numbers does not allow you to inject traffic into an existing SSH or SSL (https) connection. Both protocols encrypt the data and have integrity checks over the data, so if you injected data, it would fail to decrypt and/or fail the integrity checks.

So the worst that you can probably do if you can predict TCP sequence numbers is force the connection to be reset - packets with an invalid TCP sequence number would be discarded - if the seq num is valid, then SSL/SSH would flag it and abort the connection.

(Log in to post comments)

Does it matter?

Posted Aug 20, 2011 1:36 UTC (Sat) by njs (guest, #40338) [Link]

Yes, but I also use protocols like HTTP that don't have cryptographic integrity guarantees... and those protocols are more at risk if TCP sequence numbers are predictable than if they aren't, which is why TCP sequence numbers matter beyond DoS attacks. Which was epa's question...

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds