Strange Attractors and TCP/IP Sequence Number Analysis – One Year Later

Over a year ago, I published a whitepaper titled
Strange Attractors and TCP/IP Sequence Number Analysis” –
an attempt to evaluate TCP/IP sequence number generators in several
mainstream operating systems by mapping the dynamics of the generated
sequence numbers into a three-dimensional phase space. We demonstrated how
this approach can be used to find many non-trivial correlation,
and discussed why the results can be directly used to perform actual
ISN prediction.
This research, among with the research from Guardent, resulted in the release of
CERT Advisory CA-2001-09
and several vendor bulletins.

The goal of this follow-up is to evaluate any subsequent security measures
implemented by the vendors in this field since the release of the original
publication, and to evalute several systems that were not covered earlier.
For the purpose of this document, we assume that the reader has read the
original publication, and has an understanding of the methodology and
terminology used.

Please note that the presented results are preliminary and should not be
considered as a reliable metric for comparing the relative strength of
the operating systems ISN generators at this time.

Read the full article.


Author: Xavier Ashe

Entrepreneur, Infosec Executive, CISSP, CISM, Ironman triathlete, traveler, UU, paleo, father of 8, goyishe, gamer, & geek.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s