From owner-freebsd-security Mon Apr 16 14:17:37 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail1.vanion.com (mail1.vanion.com [216.84.36.102]) by hub.freebsd.org (Postfix) with ESMTP id DFD9C37B505 for ; Mon, 16 Apr 2001 14:17:33 -0700 (PDT) (envelope-from shieronymus@hiertech.com) Received: from work1 ([216.84.36.100]) by mail1.vanion.com (InterMail vK.4.02.00.10 201-232-116-110 license e9bafdcb120a7d1559850f82300897dc) with SMTP id <20010416212407.LRBB431.mail1@work1> for ; Mon, 16 Apr 2001 15:24:07 -0600 From: "Seth Andreas Hieronymus" To: Subject: tcp sequence prediction question Date: Mon, 16 Apr 2001 15:17:46 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, When comparing nmap -O output for my FreeBSD server (4.3RC4) and a Linux machine (2.4), there are significant differences in their tcp sequence prediction difficulties. FreeBSD only had on the order of 15,000 - 20,000, while Linux had 3,000,000 - 5,000,000. I saw that the security advisory FreeBSD-SA-00:52.tcp-iss.asc was an attempt to strengthen the randomness of this. Did it help? What is going on with the large differences? Is this a problem at all? Thanks very much. Hope I got the right list. Seth --- Signature --- Seth Andreas Hieronymus President Hieronymus Technologies, Inc. 223 North Wahsatch Avenue, Suite 205 Colorado Springs, CO 80903 719.328.1881 shieronymus@hiertech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message