TCP Sequence numbers

Kent Kaiser · ‎05-08-2000

I recently used Nessus to scan our network and one error said the TCP sequence numbers were always incremented by 6400 and would be easily guessed. I havn't been able to find a patch on the HP web site. Is there a fix for this?

Thanks,
kent

Dan_4 · ‎05-08-2000

You should probably move this discussion to the networking forum :)

Ralf Hildebrandt · ‎08-02-2000

There's an easy solution.
my script /sbin/init.d/hack_ip_stack does that.
Invoke using
/sbin/init.d/hack_ip_stack start

Postfix/BIND/Security/IDS/Scanner, you name it...

John Palmer · ‎08-02-2000

For HP-UX 10.20:-

nettune -s tcp_random_seq 1
will randomise the initial connection sequence.

nettune -s tcp_random_seq 2
uses a 'more sophisticated' randomiser.

The default is 0 (normal as per RFC 793).

Note that randomising is on by default for HP-UX 10.30 and later.

Regards,

John

Berlene Herren · ‎08-02-2000

Excellent answer, John!

berlene

http://www.mindspring.com/~bkherren/dobes/index.htm

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

TCP Sequence numbers

TCP Sequence numbers

Re: TCP Sequence numbers

Re: TCP Sequence numbers

Re: TCP Sequence numbers

Re: TCP Sequence numbers