lwip-devel

[lwip-devel] [task #13763] tcp_next_iss(): use LWIP_RAND()?


From: David van Moolenbroek
Subject: [lwip-devel] [task #13763] tcp_next_iss(): use LWIP_RAND()?
Date: Thu, 15 Dec 2016 12:21:11 +0000 (UTC)
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Follow-up Comment #3, task #13763 (project lwip):

I'm writing this follow-up post just to make sure my previous post here has
gotten through to the mailing list at all - if it did, please ignore, but I
can't find it in the archives anymore.

As an aside, I've been thinking since then whether the default algorithm can
be improved as well, but my conclusion is that I would actually be in favor of
keeping the default algorithm as is, exactly because right now it is easy to
spot (with packet captures) that the sequence numbers are highly predictable.
That is how I found out myself, too. Letting the default algorithm use
LWIP_RAND() would make this fact much less obvious, while also not necessarily
improving on the predictability of the ISNs at all (especially with a poorly
seeded PRNG, which, I believe, is not uncommon on resource-constrained
devices). Thus, by keeping a "dumb" default algorithm, it would be easier for
developers to see that something is off and decide what to do based on the
options provided by the hook. As such, if the hook is added, I'd simply
suggest removing the "XXX" comment from the current code and leaving it at
that.

As another aside, I would be happy to share my current hook implementation
right now if anyone is interested, even though it will be available as open
source soon enough anyway.

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/task/?13763>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/
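
Added example, not part of the original message and not lwIP code: a small C model of the point made above, that a counter-style ISN source is obvious in a single capture while a fixed-seed PRNG hides the problem yet still repeats after every reboot. Both generators, their constants and the seeds are constructed stand-ins (assumptions), not the stack's actual algorithm or the author's hook.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Hypothetical stand-ins for two ISN sources; constructed values, not lwIP code. */
#define N 8
typedef uint32_t (*isn_fn)(uint32_t *state);

/* Counter-style source: fixed step per connection (step is an assumption). */
static uint32_t counter_isn(uint32_t *s) { *s += 64000u; return *s; }

/* PRNG-style source: a plain 32-bit LCG standing in for a weak random source. */
static uint32_t prng_isn(uint32_t *s) { *s = *s * 1664525u + 1013904223u; return *s; }

/* One "boot": seed the source and record the ISNs of N successive connections. */
static void boot(isn_fn gen, uint32_t seed, uint32_t out[N]) {
  uint32_t state = seed;
  for (size_t i = 0; i < N; i++) out[i] = gen(&state);
}

/* What a single capture shows: 1 if every ISN delta (mod 2^32) is identical. */
static int visible_in_capture(isn_fn gen, uint32_t seed) {
  uint32_t isn[N];
  boot(gen, seed, isn);
  uint32_t first = isn[1] - isn[0];
  for (size_t i = 2; i < N; i++)
    if ((uint32_t)(isn[i] - isn[i - 1]) != first) return 0;
  return 1;
}

/* What two captures across a reboot show: 1 if the whole ISN sequence repeats. */
static int repeats_after_reboot(isn_fn gen, uint32_t seed) {
  uint32_t a[N], b[N];
  boot(gen, seed, a);
  boot(gen, seed, b);   /* same seed again: no entropy gathered at startup */
  for (size_t i = 0; i < N; i++)
    if (a[i] != b[i]) return 0;
  return 1;
}

int main(void) {
  printf("counter: constant delta=%d, repeats after reboot=%d\n",
         visible_in_capture(counter_isn, 1000u), repeats_after_reboot(counter_isn, 1000u));
  printf("prng:    constant delta=%d, repeats after reboot=%d\n",
         visible_in_capture(prng_isn, 1u), repeats_after_reboot(prng_isn, 1u));
  return 0;
}
```

The constant-delta check is the one a developer can run on a single packet capture; the reboot comparison is the check that still catches a poorly seeded PRNG.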
