Date:      Tue, 07 Oct 1997 20:22:36 -0700
From:      Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
To:        freebsd-security@freebsd.org
Message-ID:  <199710080322.UAA04881@cwsys.cwent.com>

The following looks like it could be rather handy under FreeBSD.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
UNIX Support                   OV/VM:  BCSC02(CSCHUBER)
ITSD                          BITNET:  CSCHUBER@BCSC02.BITNET
Government of BC            Internet:  cschuber@uumail.gov.bc.ca
                                       Cy.Schubert@gems8.gov.bc.ca

		"Quit spooling around, JES do it."


------- Forwarded Message

Approved-By: aleph1@UNDERGROUND.ORG
Message-Id: <199710071010.MAA26628@albano>
Date: Tue, 7 Oct 1997 12:12:24 +0200
Reply-To: Casper Dik <casper@holland.sun.com>
Sender: Bugtraq List <BUGTRAQ@netspace.org>
From: Casper Dik <casper@holland.sun.com>
Subject: Re: HP-UX tcp_random_seq
To: BUGTRAQ@netspace.org
In-Reply-To: Your message of "Mon, 06 Oct 1997 10:22:09 CDT." 
              <Pine.SUN.3.94.971006100841.14830C-100000@dfw.dfw.net>
Resent-To: cy@passer.osg.gov.bc.ca, pblake@uumail.gov.bc.ca
Resent-Date: Tue, 07 Oct 1997 08:09:10 -0700
Resent-From: Cy Schubert - ITSD Open Systems Group 
<cschuber@passer.osg.gov.bc.ca>

>I don't believe this has been given enough distribution. Under HP-UX you can
>configure it to use random TCP sequence numbers by setting the
>tcp_random_seq variable. The values are:
>
>   0 - old behavior (default)
>   1 - rand(3) behavior
>   2 - rand48(3) behavior
>
>The seed value for the rand*() functions is based on the time when
>tcp_init() (or nettune) is called, so don't make your uptime public
>(i.e. rstatd).
>

Solaris 2.x has a similar option.

ndd -set /dev/tcp tcp_strong_iss <value>

It accepts three values (2 in 2.5*)

        0 - old behaviour
        1 - using random(3) [default]
        2 - new in 2.6, RFC 1948 support
            The password for this is set from root's /etc/shadow entry
            using ndd -set /dev/tcp tcp_1948_phrase <shadow field>

The method to set this in 2.6 is editing /etc/default/inetinit and adding
TCP_STRONG_ISS=2

If you have lots of clients with the same encrypted root password, you'd
want to find another way of setting the tcp_1948_phrase.

Casper


------- End of Forwarded Message
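
Added example, not part of the original messages and not Solaris code: a sketch of the RFC 1948 scheme that mode 2 selects, ISN = M + F(localhost, localport, remotehost, remoteport), with F an MD5 over the connection 4-tuple and the secret phrase. The byte layout, the truncation to 32 bits, the function names and the sample addresses are assumptions for illustration; it also shows why a phrase shared by many hosts is worth replacing with a per-host random one.

```python
import hashlib
import secrets
import socket
import struct

MASK32 = 0xFFFFFFFF

def rfc1948_offset(phrase, laddr, lport, raddr, rport):
    """F(localhost, localport, remotehost, remoteport) keyed by the phrase.

    Assumed layout: addresses and ports in network byte order followed by
    the phrase; the first 32 bits of the MD5 digest are used.
    """
    material = (socket.inet_aton(laddr) + struct.pack("!H", lport) +
                socket.inet_aton(raddr) + struct.pack("!H", rport) + phrase)
    return struct.unpack("!I", hashlib.md5(material).digest()[:4])[0]

def rfc1948_isn(phrase, laddr, lport, raddr, rport, usec):
    """ISN = M + F(...), where M is the 4-microsecond counter of RFC 793."""
    m = (usec // 4) & MASK32
    return (m + rfc1948_offset(phrase, laddr, lport, raddr, rport)) & MASK32

def new_phrase(nbytes=16):
    """A per-host random phrase, so hosts sharing a root hash do not share F."""
    return secrets.token_hex(nbytes).encode()

def demo():
    # Constructed sample values (documentation address ranges).
    server, client = "192.0.2.10", "198.51.100.7"
    shared = b"constructed-shadow-field"      # same on every cloned client
    t = 1_000_000
    a = rfc1948_isn(shared, server, 23, client, 40000, t)
    b = rfc1948_isn(shared, server, 23, client, 40001, t)
    # F depends only on the tuple and the phrase: every holder of the
    # shared phrase computes this same offset; a per-host phrase does not.
    same = rfc1948_offset(shared, server, 23, client, 40000)
    mine = rfc1948_offset(new_phrase(), server, 23, client, 40000)
    return {"isn_port_40000": a, "isn_port_40001": b,
            "shared_offset": same, "per_host_offset": mine}

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value:#010x}")
```

Each connection keeps a monotonically increasing sequence space through M, while connections with different 4-tuples start at offsets that are unrelated without the phrase.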
