> On Dec 29, 2018, at 8:26 PM, Jim Thompson wrote:
>
>
>
>> On Dec 29, 2018, at 6:42 PM, Florin Coras wrote:
>>
>> Hi Jim,
>>
>> That has to do with the initial sequence number generation.
>
> Understood. Thus the title of "Defending against Sequence Number Attacks"
>
>> We don’t exact
> On Dec 29, 2018, at 6:42 PM, Florin Coras wrote:
>
> Hi Jim,
>
> That has to do with the initial sequence number generation.
Understood. Thus the title of "Defending against Sequence Number Attacks"
> We don’t exactly implement that algorithm but we do generate the initial
> sequence nu
Hi Jim,
That has to do with the initial sequence number generation. We don’t exactly
implement that algorithm but we do generate the initial sequence number
randomly based on time.
Florin
> On Dec 29, 2018, at 12:42 PM, Jim Thompson wrote:
>
>
> Florian,
>
> Maybe he wants RFC 6528.
>
Florian,
Maybe he wants RFC 6528.
Jim
> On Dec 29, 2018, at 10:59 AM, Florin Coras wrote:
>
> Hi Brayan,
>
> I’m not entirely sure I understand your question. Obviously, we have sequence
> validation in tcp as per rfc 793. For details, see tcp_segment_validate in
> tcp_input.c. As part
Hi Brayan,
I’m not entirely sure I understand your question. Obviously, we have sequence
validation in tcp as per rfc 793. For details, see tcp_segment_validate in
tcp_input.c. As part of that function, we also check for paws as per rfc
1323/7323.
Hope this helps,
Florin
> On Dec 29, 2018,
Dear VPP Folks,
I would like to know about sequence number checking functionality. Is this
functionality implemented already?
1- If yes: Guide me about that
2- If no : Is there any plan for sequence number checking implementation?
it seems it is essential to prevent sequence number prediction atta
