Re: [fw-wiz] Firewalls that generate new packets..
Paul D. Robertson
>The list is still moderated, and the moderator approves some stuff
>immediately, mulls over others, discards some and rejects others. Since
>the list has always been moderated I'm not sure why folks aren't
>remembering this...
Paul, you told me this off the list, plus a lot more. And I agreed to
abide by your rules. My message was not a reprimand, it was an explanation
of why one of my messages appeared a bit retarded.
My message was not meant to be implied criticism,
As I told you privately, I understand that you are the moderator and I
understand why you filtered my messages to the list, even if I do not
think you were right. I also acknowledge the need for a moderator
as everyone thinks they are right and their messages are perfect. And
some of them need to be pulled for sure.
>You're assuming a blind attack, a very dangerous assumption. Even with a
>blind attack, you're assuming that (a) the attacker's prediction efforts
>are stymied by hard-to-predict sequence numbers and (b) the attacker
>(or defender) lacking enough bandwidth to brute force the sequence number
>or the likely sequence number space.
I am not assuming a blind attack. I was positing an example situation
that highlighted the importance of TCP sequence numbers. Please do not
put words in my mouth.
>"Prearranged formula decided on during the TCP handshake?"
>Wanna show me where in the TCP spec there's some formula negotiation?
>AFAIR the spec (RFC793) handles the progression of ISN+1 and SND.NXT and
>RCV.NXT in the specification not the handshake, what am I missing?
Not my words. However, I think you understand things very well:
random number--random number+1; then rinse and repeat isn't it?
Wikipedia has a very vague reference to it as: "If the SYN flag
is present then this is the initial sequence number and the first
data byte is the sequence number plus 1."
I don't have my reference books handy, unfortunately. But that is how
I remember it....
firewall-wizards mailing list
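The sequence-number bookkeeping the two posters are arguing about (ISN chosen per endpoint, SYN consuming one number so the first data byte is ISN+1, SND.NXT/RCV.NXT advancing per byte, and the RFC 793 window acceptability test that decides whether a segment is taken at all) as an added example in Python; this is not code from the thread or from any firewall. The class and function names are mine, and `random_isn` stands in for a real OS ISN generator.

```python
import os

SEQ_MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap (RFC 793)

def random_isn() -> int:
    """Hypothetical ISN chooser: 32 CSPRNG bits, so the ISN is not predictable."""
    return int.from_bytes(os.urandom(4), "big")

class TcpSeqState:
    """Sequence-number state of one endpoint, named as in RFC 793 (SND.NXT, RCV.NXT, RCV.WND)."""
    def __init__(self, isn: int, rcv_wnd: int = 65535):
        self.iss = isn % SEQ_MOD      # initial send sequence number (ISN)
        self.snd_nxt = self.iss       # next sequence number this side will send
        self.rcv_nxt = None           # learned from the peer's SYN
        self.rcv_wnd = rcv_wnd        # bytes of receive window currently offered

    def send_syn(self) -> int:
        seq = self.snd_nxt
        self.snd_nxt = (self.snd_nxt + 1) % SEQ_MOD   # SYN occupies one sequence number
        return seq

    def receive_syn(self, peer_isn: int) -> None:
        self.rcv_nxt = (peer_isn + 1) % SEQ_MOD       # first data byte is peer ISN + 1

    def send_data(self, nbytes: int) -> int:
        seq = self.snd_nxt
        self.snd_nxt = (self.snd_nxt + nbytes) % SEQ_MOD  # advance by bytes sent
        return seq

    def segment_acceptable(self, seg_seq: int, seg_len: int) -> bool:
        """RFC 793 acceptability test: does any byte of the segment fall in the receive window?"""
        def in_window(x: int) -> bool:
            return (x - self.rcv_nxt) % SEQ_MOD < self.rcv_wnd
        if seg_len == 0:
            return seg_seq == self.rcv_nxt if self.rcv_wnd == 0 else in_window(seg_seq)
        if self.rcv_wnd == 0:
            return False
        return in_window(seg_seq) or in_window((seg_seq + seg_len - 1) % SEQ_MOD)

    def receive_data(self, seg_seq: int, seg_len: int) -> bool:
        """Consume an in-order segment; out-of-window or out-of-order data is not consumed."""
        if not self.segment_acceptable(seg_seq, seg_len) or seg_seq != self.rcv_nxt:
            return False
        self.rcv_nxt = (self.rcv_nxt + seg_len) % SEQ_MOD
        return True

def handshake(client: TcpSeqState, server: TcpSeqState) -> tuple:
    """Three-way handshake as seen by the sequence counters; returns client's (SND.NXT, RCV.NXT)."""
    server.receive_syn(client.send_syn())
    client.receive_syn(server.send_syn())
    return client.snd_nxt, client.rcv_nxt

def window_fraction_of_seq_space(rcv_wnd: int) -> float:
    """Share of the 2^32 space a window covers: why ISN randomness and window size both matter."""
    return rcv_wnd / SEQ_MOD
```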