Date: Sat, 5 Jan 2002 09:25:25 +0100 From: Matthias Schuendehuette <msch@snafu.de> To: Mike Silbersack <silby@silby.com> Cc: freebsd-stable@freebsd.org, Peter.Sauerland@siemens.com, iss@cert.siemens.de, freebsd-security@freebsd.org Subject: Re: TCP Sequence-Prediction (4.5-PRE) Message-ID: <E16Mm8s-0001Ai-00@smart.eusc.inter.net> In-Reply-To: <Pine.BSF.4.30.0201050004410.43880-100000@niwun.pair.com> References: <Pine.BSF.4.30.0201050004410.43880-100000@niwun.pair.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Am Samstag, 5. Januar 2002 06:06 schrieben Sie: > Guys, ISN generation has been secure since 4.3-release, though it has > gone through a few revisions since then. If ISS disagrees, it is > what should be inspected, not our ISN generation code. Changing the > various sysctls is not going to change the output in any fashion that > is noticeable to most people. Basically I agree and I hope, that the ISS people do some investigations concerning that issue. But OTOH it's at least a parameter to play with (the rfc1948-sysctl). Even if you're right (what I expect), I want to have it checked out. The scan lasts for about 15 minutes and I think it's no big deal to do some more and see if there are any reactions by ISS. If my colleague agrees, I'll know more on monday... However, many thanks for your interest and participation so far! Ciao/BSD - Matthias -- *************************************************************************** * Matthias Schuendehuette msch@snafu.de * * Solmsstrasse 44 * * D-10961 Berlin Engineering Systems Support and Operation * * Germany (Powered by FreeBSD 4.5-PRERELEASE) * *************************************************************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E16Mm8s-0001Ai-00>