
TCP Sequence numbers

 
Kent Kaiser
New Member

TCP Sequence numbers

I recently used Nessus to scan our network and one error said the TCP sequence numbers were always incremented by 6400 and would be easily guessed. I haven't been able to find a patch on the HP web site. Is there a fix for this?

Thanks,
kent
4 REPLIES 4
Dan_4
Advisor

Re: TCP Sequence numbers

You should probably move this discussion to the networking forum :)
Ralf Hildebrandt
Valued Contributor

Re: TCP Sequence numbers

There's an easy solution.
My script /sbin/init.d/hack_ip_stack does that.
Invoke using
/sbin/init.d/hack_ip_stack start
Postfix/BIND/Security/IDS/Scanner, you name it...
John Palmer
Honored Contributor

Re: TCP Sequence numbers

For HP-UX 10.20:-

nettune -s tcp_random_seq 1
will randomise the initial connection sequence.

nettune -s tcp_random_seq 2
uses a 'more sophisticated' randomiser.

The default is 0 (normal as per RFC 793).

Note that randomising is on by default for HP-UX 10.30 and later.

Regards,

John
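
The kind of check behind the scanner finding in the question, as an added example that is not part of the original thread: it takes initial sequence numbers (ISNs) sampled from consecutive connections to one host and flags a constant increment such as 6400, which is useful for confirming that a `tcp_random_seq` change took effect. It goes slightly beyond the thread by also flagging deltas that share a large common step; the function names, sample values and the threshold of 1000 are constructed assumptions.

```python
"""Check sampled TCP initial sequence numbers (ISNs) for a fixed-step pattern."""
from functools import reduce
from math import gcd

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


def isn_deltas(isns):
    """Differences between consecutive ISNs, modulo 2**32 (handles wraparound)."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def assess_isns(isns, min_samples=5):
    """Classify ISN samples taken from consecutive connections to one host.

    Returns (verdict, step):
      'constant'      every delta is identical (the finding in this thread)
      'step-multiple' deltas differ but are all multiples of one large step
      'no-pattern'    no fixed step found in this sample
    """
    if len(isns) < min_samples:
        raise ValueError("need at least %d samples" % min_samples)
    deltas = isn_deltas(isns)
    if len(set(deltas)) == 1:
        return "constant", deltas[0]
    step = reduce(gcd, deltas)
    # Assumed threshold: random 32-bit deltas almost never share a large gcd.
    if step >= 1000:
        return "step-multiple", step
    return "no-pattern", None


# Constructed samples (not captured from a real host).
# Fixed +6400 per connection, chosen so the counter wraps past 2**32.
FIXED = [(0xFFFFD000 + 6400 * i) % MOD for i in range(6)]
# Counter advanced by a varying number of 6400-sized steps between samples.
TICKED = [1000000, 1006400, 1025600, 1032000, 1044800, 1070400]
# Values with no shared step, standing in for a randomised generator.
RANDOMISED = [0x12345678, 0x92345677, 0x3A91F2C4,
              0xC07E1155, 0x1B22D9E3, 0x5D6E73F1]

if __name__ == "__main__":
    for name, sample in (("fixed", FIXED), ("ticked", TICKED),
                         ("randomised", RANDOMISED)):
        print(name, assess_isns(sample))
```

A "no-pattern" verdict only means this sample shows no fixed step; it does not by itself prove the generator is strong.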


Berlene Herren
Honored Contributor

Re: TCP Sequence numbers

Excellent answer, John!

berlene
http://www.mindspring.com/~bkherren/dobes/index.htm