Date: Tue, 17 Apr 2001 10:54:24 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Matt Dillon <dillon@earth.backplane.com> Cc: freebsd-security@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: non-random IP IDs Message-ID: <20010417105424.A63938@xor.obsecurity.org> In-Reply-To: <200104171741.f3HHfNZ95206@earth.backplane.com>; from dillon@earth.backplane.com on Tue, Apr 17, 2001 at 10:41:23AM -0700 References: <20010416214611.6DA3F207C1@citi.umich.edu> <200104170157.f3H1v4d87804@earth.backplane.com> <20010416233042.A21394@xor.obsecurity.org> <200104171731.f3HHVFu94944@earth.backplane.com> <20010417103823.A49384@xor.obsecurity.org> <200104171741.f3HHfNZ95206@earth.backplane.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Tue, Apr 17, 2001 at 10:41:23AM -0700, Matt Dillon wrote: > > :> Let me put it another way: I think this sort of thing is an excellent > :> example of introducing unnecessary kernel bloat into the system. Who > :> gives a fart whether someone can port scan you efficiently or > :> anonymously or not? I get port scanned every day. Most hackers don't > :> even bother with portscans, they just try the exploit on the target= > :=20 > :> machines directly. > : > :Tools, not policy.. > : > :You may not care about it, but others do. > : > :Kris > > If it isn't already a kernel option, please make it one. I don't > want it compiled into the binary. Those people who 'care' can > add it to their kernel config. That's probably a reasonable compromise. Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE63INQWry0BWjoQKURApnUAJ4sAl/zGR1o5U5kkq3f4MPhKdlXkwCeOM6d 7BEla6Tvf4GNmd0n/wTNdrk= =2JeN -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010417105424.A63938>