From owner-freebsd-current Tue May 21 13:55:13 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id NAA28856 for current-outgoing; Tue, 21 May 1996 13:55:13 -0700 (PDT) Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id NAA28847 for ; Tue, 21 May 1996 13:55:11 -0700 (PDT) Received: by halloran-eldar.lcs.mit.edu; (5.65/1.1.8.2/19Aug95-0530PM) id AA01868; Tue, 21 May 1996 16:53:47 -0400 Date: Tue, 21 May 1996 16:53:47 -0400 From: Garrett Wollman Message-Id: <9605212053.AA01868@halloran-eldar.lcs.mit.edu> To: Poul-Henning Kamp Cc: current@freebsd.org Subject: Re: freebsd + synfloods + ip spoofing In-Reply-To: <207.832711909@critter.tfs.com> References: <9605211527.AA32609@halloran-eldar.lcs.mit.edu> <207.832711909@critter.tfs.com> Sender: owner-current@freebsd.org X-Loop: FreeBSD.org Precedence: bulk < said: >> > For kicks some time ago I built a spoofer and I can tell you this much, >> > creating at least a pseudo-random number generator for sequencing will stop >> > a large # of the spoofers. >> >> Which is why this was introduced in FreeBSD many months ago. > Well, we don't use it for TCP yet do we ? What do you think I just said? Take a moment to examine tcp_iss in the debugger... -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant