From owner-freebsd-security Tue Oct 7 20:23:07 1997
Message-Id: <199710080322.UAA04881@cwsys.cwent.com>
X-Mailer: exmh version 2.0gamma 1/27/96
Reply-to: Cy Schubert - ITSD Open Systems Group
From: Cy Schubert - ITSD Open Systems Group
X-Sender: cschuber
To: freebsd-security@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Tue, 07 Oct 1997 20:22:36 -0700
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

The following looks like it could be rather handy under FreeBSD.

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
UNIX Support                   OV/VM:  BCSC02(CSCHUBER)
ITSD                          BITNET:  CSCHUBER@BCSC02.BITNET
Government of BC            Internet:  cschuber@uumail.gov.bc.ca
                                       Cy.Schubert@gems8.gov.bc.ca

        "Quit spooling around, JES do it."

------- Forwarded Message

Approved-By: aleph1@UNDERGROUND.ORG
Message-Id: <199710071010.MAA26628@albano>
Date: Tue, 7 Oct 1997 12:12:24 +0200
Reply-To: Casper Dik
Sender: Bugtraq List
From: Casper Dik
Subject: Re: HP-UX tcp_random_seq
To: BUGTRAQ@netspace.org
In-Reply-To: Your message of "Mon, 06 Oct 1997 10:22:09 CDT."
Resent-To: cy@passer.osg.gov.bc.ca, pblake@uumail.gov.bc.ca
Resent-Date: Tue, 07 Oct 1997 08:09:10 -0700
Resent-From: Cy Schubert - ITSD Open Systems Group

>I don't believe this has been given enough distribution.  Under HP-UX you can
>configure it to use random TCP sequence numbers by setting the
>tcp_random_seq variable.  The values are:
>
>        0 - old behavior (default)
>        1 - rand(3) behavior
>        2 - rand48(3) behavior
>
>The seed value for the rand*() functions is based on the time when
>tcp_init() (or nettune) is called, so don't make your uptime public
>(i.e. rstatd).
>

Solaris 2.x has a similar option.

        ndd -set /dev/tcp tcp_strong_iss

It accepts three values (2 in 2.5*)

        0 - old behaviour
        1 - using random(3) [default]
        2 - new in 2.6, RFC 1948 support

The password for this is set from root's /etc/shadow entry using

        ndd -set /dev/tcp tcp_1948_phrase

The method to set this in 2.6 is editing /etc/default/inetinit and adding

        TCP_STRONG_ISS=2

If you have lots of clients with the same encrypted root password,
you'd want to find another way of setting the tcp_1948_phrase.

Casper

------- End of Forwarded Message
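
The RFC 1948 scheme selected by value 2 above, worked through as an added example (not part of either message, and not Solaris code): ISN = M + F(connection id, secret phrase). The byte layout, the truncation of MD5 to 32 bits, the function names, the addresses and the phrases are assumptions constructed for illustration.

```python
import hashlib
import secrets
import socket
import struct

MASK32 = 0xFFFFFFFF

def rfc1948_offset(phrase: bytes, laddr: str, lport: int,
                   raddr: str, rport: int) -> int:
    """F(localhost, localport, remotehost, remoteport, secret) of RFC 1948.

    Assumed layout: addresses and ports in network byte order followed by the
    phrase, hashed with MD5 and truncated to the first 32 bits.
    """
    conn_id = (socket.inet_aton(laddr) + struct.pack("!H", lport) +
               socket.inet_aton(raddr) + struct.pack("!H", rport))
    return struct.unpack("!I", hashlib.md5(conn_id + phrase).digest()[:4])[0]

def rfc1948_isn(phrase: bytes, laddr: str, lport: int,
                raddr: str, rport: int, clock_us: int) -> int:
    """ISN = M + F(...), where M is the 4-microsecond counter of RFC 793."""
    m = (clock_us // 4) & MASK32
    return (m + rfc1948_offset(phrase, laddr, lport, raddr, rport)) & MASK32

def per_host_phrase(nbytes: int = 16) -> str:
    """A random phrase generated on each host, so no two hosts share F."""
    return secrets.token_hex(nbytes)

if __name__ == "__main__":
    # Constructed sample values (documentation address range, made-up phrase).
    server, client = "192.0.2.10", "192.0.2.77"
    shared = b"same-root-hash-on-every-client"
    # Same 4-tuple, later clock: the ISN advances exactly with M, so old
    # duplicate segments are still rejected as RFC 793 intends.
    a = rfc1948_isn(shared, server, 23, client, 1025, 1_000_000)
    b = rfc1948_isn(shared, server, 23, client, 1025, 5_000_000)
    print("same connection id, delta:", (b - a) & MASK32)
    # Different client port: F changes, so one connection's ISN says nothing
    # about the sequence space of another connection.
    print("offset port 1025:", rfc1948_offset(shared, server, 23, client, 1025))
    print("offset port 1026:", rfc1948_offset(shared, server, 23, client, 1026))
    # F depends only on the connection id and the phrase: hosts configured with
    # the same phrase compute the same F, a host with its own phrase does not.
    own = per_host_phrase().encode()
    print("own phrase offset:", rfc1948_offset(own, server, 23, client, 1025))
```

A phrase derived from a root password entry copied to many clients gives every one of them the same F, which is the situation the last paragraph of the forwarded message advises against; a randomly generated per-host phrase is one way around it.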