* Petr Salinger: > If I understand it correctly, the security problem is > "it allows remote attackers to guess sensitive values such as IP > fragmentation IDs by observing a sequence of previously generated > values". > By default, the next_value is previous_value+1, i.e. unsecure at all. > It can be enabled to use random (secure) value, the random value is in > kfreebsd-7 generated by weak X2 algorithm, in kfreebsd-8 by "algorithm > suggested by Amit Klein".
The state is per-flow. It's not a global counter, right? > So the options are: > > 1) leave it as is (same as native FreeBSD) > 2) only backport new algorithm to kfreebsd-7 > 3) change default to use random algorithm in both kfreebsd-7 and kfreebsd-8 > 4) backport new algorithm to kfreebsd-7 and change default to use > random algorithm in both kfreebsd-7 and kfreebsd-8 > > What prefers the security team ? I fear that IPv4 is vulnerable no matter what you do. If the guessable state is global, please switch to (4). A per-flow counter shouldn't be that problematic. For IPv6, you should implement (3) or (4) because the 32 bit ID actually provides some protection against blind spoofing. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
