Date: Mon, 09 Oct 2000 11:45:46 +0900
Message-ID: <wk4s2mzq91.wl@MHO-VAIO.hmp.sony.co.jp>
From: Hori Masato <masato.hori@jp.sony.com>
To: doc-jp@jp.freebsd.org
In-Reply-To: In your message of "Sun, 8 Oct 2000 21:45:52 +0900 "
	<200010081246.VAA21332@eos.ocn.ne.jp>
References: <200010081246.VAA21332@eos.ocn.ne.jp>
Subject: [doc-jp 7749] Re: ANNOUNCE: FreeBSD Security Advisory: FreeBSD-SA-00:52.tcp-iss


Thank you, as always, for your work.

$BGX7J$N$H$3$m$J$N$G$9$,!"(B

At Sun, 8 Oct 2000 21:45:52 +0900 ,
Hiroki Sato <hrs@eos.ocn.ne.jp> wrote:
> I.   $BGX7J(B - Background
> 
> TCP network connections use an initial sequence number as part of the
> connection handshaking. According to the TCP protocol, an
> acknowledgement packet from a remote host with the correct sequence
> number is trusted to come from the remote system with which an
> incoming connection is being established, and the connection is
> established.

> TCP $B$N%M%C%H%o!<%/@\B3$K$O(B, $B@\B3$N%O%s%I%7%'%$%/$r9T$J$&:]$K(B
> $B=i4|%7!<%1%s%9HV9f$,;H$o$l$^$9(B.  $BI8=`(B TCP $B%W%m%H%3%k$K$h$k$H(B,

The word "standard" (「標準」) here could probably be dropped.

> an acknowledgement packet bearing the correct sequence number is
> expected to be sent from the remote host that is trying to establish
> a connection from outside,

  an acknowledgement packet bearing the correct sequence number is regarded
  as having come from the remote host that is trying to establish the connection,
I thought this wording might flow better.

> and the connection is regarded as established upon the arrival of
> that acknowledgement packet.


> 3) To authenticate (and encrypt) the vulnerable TCP connections at the IP layer,

and/or$B$J$N$G!V$+$D!W$@$H6/$$$+$J!"!V$d!W$G$7$g$&$+!#(B

>    enable IPSEC.  With IPSEC, all connections to a port from outside
>    will require authentication, and IP spoofing attacks such as those
>    described in this advisory, as well as hijacking a TCP session by
>    gaining access to the packet stream, will no longer be possible.
>    FreeBSD 4.0 and later have IPSEC functionality in the kernel, and 4.1 and

The particle 「を」 is duplicated.

Hori Masato
