From owner-freebsd-security Tue Apr 17 10:41:41 2001 Delivered-To: freebsd-security@freebsd.org Received: from earth.backplane.com (earth-nat-cw.backplane.com [208.161.114.67]) by hub.freebsd.org (Postfix) with ESMTP id A8E1437B422; Tue, 17 Apr 2001 10:41:36 -0700 (PDT) (envelope-from dillon@earth.backplane.com) Received: (from dillon@localhost) by earth.backplane.com (8.11.2/8.11.2) id f3HHfNZ95206; Tue, 17 Apr 2001 10:41:23 -0700 (PDT) (envelope-from dillon) Date: Tue, 17 Apr 2001 10:41:23 -0700 (PDT) From: Matt Dillon Message-Id: <200104171741.f3HHfNZ95206@earth.backplane.com> To: Kris Kennaway Cc: Kris Kennaway , Niels Provos , Wes Peters , freebsd-security@FreeBSD.ORG, net@FreeBSD.ORG, provos@OpenBSD.org Subject: Re: non-random IP IDs References: <20010416214611.6DA3F207C1@citi.umich.edu> <200104170157.f3H1v4d87804@earth.backplane.com> <20010416233042.A21394@xor.obsecurity.org> <200104171731.f3HHVFu94944@earth.backplane.com> <20010417103823.A49384@xor.obsecurity.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org :> Let me put it another way: I think this sort of thing is an excellent :> example of introducing unnecessary kernel bloat into the system. Who :> gives a fart whether someone can port scan you efficiently or :> anonymously or not? I get port scanned every day. Most hackers don't :> even bother with portscans, they just try the exploit on the target= :=20 :> machines directly. : :Tools, not policy.. : :You may not care about it, but others do. : :Kris If it isn't already a kernel option, please make it one. I don't want it compiled into the binary. Those people who 'care' can add it to their kernel config. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message