A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability"

Hello BugTraq Recently I've been looking at the OpenBSD PRNG implementation for DNS transaction ID OpenBSD ported BIND 9 into their code tree, but rolled their own PRNG for the DNS transaction ID field. I discovered a serious weakness in OpenBSD's PRNG, which allows an attacker to predict the nex...