HPE Community
Operating System - HP-UX
1833566 Members
3191 Online
110061 Solutions
New Discussion

Re: non-random ip ids

 
Peter Gillis
Super Advisor

‎09-08-2004 02:53 PM

‎09-08-2004 02:53 PM

non-random ip ids

HI,
ux11i.
After running a network vulnerability scan on our system we have a message returned that indicates it is possible to predict the next
value of the ip_id field of the ip packets sent by this host.
Have found a previous post which has led me to a patch PHNE_29887. cumulative ARPA transport patch. But, I'm sure I have seen somewhere that 11i op system not supposed to need extra patches, it already has the ability to random choose next ip ids. I have installed the HP Stron Random Number Generator too. So, why is the system not saying it can select random numbers?

Bit confused
Maria
0 Kudos
Reply
3 REPLIES 3
rick jones
Honored Contributor

‎09-09-2004 01:18 PM

‎09-09-2004 01:18 PM

Re: non-random ip ids

The strong random number generator stuff is only (IIRC) for providing /dev/random and such. It is not related to providing random IP datrgram IDs.

I myself am not all that worried about non-random IP datagram IDs given that TCP traffic is so very rarely fragmented to begin with. I suppose it might be more of a concern with UDP traffic but even then.

Perhaps the randomization of IP datagram IDs is controlled by an ndd setting on 11i? That or perhaps it is part of a subsequent TOUR.

BTW, _which_ 11i are you talking about? There are several.
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
Peter Gillis
Super Advisor

‎09-09-2004 01:57 PM

‎09-09-2004 01:57 PM

Re: non-random ip ids

Hi Rick, Thanks for response.
11.11 v1.
What is a TOUR?
Regards,Maria
0 Kudos
Reply
Dave Olker
Neighborhood Moderator

‎09-09-2004 03:11 PM

‎09-09-2004 03:11 PM

Re: non-random ip ids

Hi Maria,

TOUR stands for Transport Optional Upgrade Release, and it is an additional, fully supported, web release that delivers new transport functionality and other networking features independent of major HP-UX releases.

You can download the latest version of TOUR, and all of the documentation, from Software Depot at:

http://www.software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=TOUR

The TOUR packages are free.

Regards,

Dave


I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.