Date:      Wed, 21 Apr 2004 06:10:03 -0500
From:      "Jacques A. Vidrine" <nectar@FreeBSD.org>
To:        Dragos Ruiu <dr@kyx.net>
Cc:        Dag-Erling Smørgrav <des@des.no>
Subject:   Re: TCP RST attack
Message-ID:  <20040421111003.GB19640@lum.celabo.org>
In-Reply-To: <200404201332.40827.dr@kyx.net>
References:  <6.0.3.0.0.20040420125557.06b10d48@209.112.4.2> <xzp65buh5fa.fsf@dwp.des.no> <6.0.3.0.0.20040420144001.0723ab80@209.112.4.2> <200404201332.40827.dr@kyx.net>

On Tue, Apr 20, 2004 at 01:32:40PM -0700, Dragos Ruiu wrote:
> Also keep in mind ports are predictable to varying degrees depending on
> the vendor or OS, which further reduces the brute force space you have to
> go through without sniffing.

This is exactly why I ported OpenBSD's TCP ephemeral port allocation
randomization to FreeBSD-CURRENT (although I asked Mike Silby to commit
it for me and take the blame if it broke :-).  It will also be MFC'd
shortly in time for 4.10-RELEASE.

Cheers,
-- 
Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org


