Date:      Tue, 17 Apr 2001 21:28:25 +1000 (Australia/ACT)
From:      Darren Reed <avalon@coombs.anu.edu.au>
To:        julian@elischer.org (Julian Elischer)
Cc:        avalon@coombs.anu.edu.au (Darren Reed), kris@obsecurity.org (Kris Kennaway), silby@silby.com (Mike Silbersack), newsletter@marktroberts.com (Mark T Roberts), freebsd-security@FreeBSD.ORG, net@FreeBSD.ORG
Subject:   Re: non-random IP IDs
Message-ID:  <200104171128.VAA08430@caligula.anu.edu.au>
In-Reply-To: <3ADBB93B.3C9DC3DE@elischer.org> from "Julian Elischer" at Apr 16, 2001 08:32:11 PM

In some mail from Julian Elischer, sie said:
> 
> Darren Reed wrote:
> > 
> > In some mail from Kris Kennaway, sie said:
> > >
> > >
> > > On Mon, Apr 16, 2001 at 02:03:11AM -0700, Kris Kennaway wrote:
> > >
> > > > Here's a patch ported from OpenBSD which randomizes this (supposedly
> > > > such that it respects the constraint of not wrapping within the
> > > > prescribed time period).  I should wrap it in a sysctl, I guess.
> > > >
> > > >   http://www.freebsd.org/~kris/ipid.patch
> > >
> > > Okay, I did this and updated the patch, with the sysctl defaulting to
> > > off since the random algorithm does add some amount of overhead.
> > >
> > > > Comments?
> > 
> > You should optimize it for mod being 2^n-1 (or make that a requirement).
> > 
> > Also, drop the HTONS statements, they no longer make sense.  Before ip_id
> > was a counter and so it made sense (sorta) to change its byte ordering to
> > network.  Now it's just a random number so there is no longer any need.
> 
> there is a site that calculates server uptime from these numbers.
> All the leading machines are freeBSD. When you do this it will 
> no-longer be able to track us :-(

IMHO, extraordinarily large uptimes are nothing to be proud of and
say nothing about the quality of software.

I'd almost go so far as to say uptimes greater than 1 year indicate
that the system administration practises need review.

Darren
