Date: Sat, 4 Oct 1997 20:55:18 -0700 (PDT)
From: Dean Gaudet <dgaudet@arctic.org>
To: new-httpd@apache.org
Subject: DUnix 4.x: way to fix tcp/ip sequence predictability (fwd)
Message-ID: <Pine.LNX.3.95dg3.971004205411.4872K-100000@twinlark.arctic.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: new-httpd-owner@apache.org
Precedence: bulk
Reply-To: new-httpd@apache.org
Status: O

This looks like it could be of use to OSF users.  Of course we cover it
under the blanket statement "get the latest TCP/IP patches from your
vendor!" which can be found here and there in the docs.

Dean

> ---------- Forwarded message ----------
> Date: Thu, 25 Sep 1997 09:38:20 -0600 (MDT)
> To: jeremy@copper.ucs.indiana.edu
> Subject: C970528-680: way to fix tcp/ip sequence predictability
>
> I heard from the Software Security Response team.  Response attached.
> It indicates that the existing patches resolve this problem.
>
> Digital Equipment Corp.
> -------------
>
> Hello,
> This has certainly been a chase.  It seems this has indeed been resolved in
> a patch available within the base level setld patches......
>
> This problem was fixed in the following:
>
> Version         Patch
> ID
> -------         --------
> V4.0            OSF400-247
> V4.0A           OSF405-071
> V4.0B           OSF410-068
> V4.0C           OSF415-410068
> extract:    TCP code improvements:
>
>  fully dynamic TCP hash table, can change size on the fly without having
>  to reboot (tcbhashsize) support for TCP hash support for TCP hash table
>  size larger than 1024 (tcbhashsize) improved TCP TCP timer algorithm
>  eliminates a large percentage of the processing overhead needed to
>  handle the tcp timer task more efficient port allocation code decreases
>  outgoing connection overhead (ipport_userreserved) randomized TCP
>  initial sequence number.  IP reassembly fix for >12Gb memory systems and
>  other minor TCP/IP bug fixes