From owner-freebsd-security  Tue Apr 17 14:20:52 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail.wlcg.com (mail.wlcg.com [207.226.17.4])
	by hub.freebsd.org (Postfix) with ESMTP
	id BB1C637B424; Tue, 17 Apr 2001 14:20:46 -0700 (PDT)
	(envelope-from rsimmons@wlcg.com)
Received: from localhost (rsimmons@localhost)
	by mail.wlcg.com (8.11.3/8.11.3) with ESMTP id f3HLJbS92759;
	Tue, 17 Apr 2001 17:19:41 -0400 (EDT)
	(envelope-from rsimmons@wlcg.com)
Date: Tue, 17 Apr 2001 17:19:34 -0400 (EDT)
From: Rob Simmons <rsimmons@wlcg.com>
To: Matt Dillon <dillon@earth.backplane.com>
Cc: Kris Kennaway <kris@obsecurity.org>,
	Niels Provos <provos@citi.umich.edu>, Wes Peters <wes@softweyr.com>,
	<freebsd-security@FreeBSD.ORG>, <net@FreeBSD.ORG>,
	<provos@OpenBSD.org>
Subject: Re: non-random IP IDs
In-Reply-To: <200104171731.f3HHVFu94944@earth.backplane.com>
Message-ID: <Pine.BSF.4.33.0104171717580.90524-100000@mail.wlcg.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

On Tue, 17 Apr 2001, Matt Dillon wrote:

>     Let me put it another way:  I think this sort of thing is an excellent
>     example of introducing unnecessary kernel bloat into the system.  Who
>     gives a fart whether someone can port scan you efficiently or
>     anonymously or not?  I get port scanned every day.  Most hackers don't
>     even bother with portscans, they just try the exploit on the target
>     machines directly.

You could add a kernel config variable in case someone wants a less
bloated kernel.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE63LNpv8Bofna59hYRA/5RAKCIRJTLpcf8kZ7q86QeLrfUzWBM9gCgqhuO
GTxP1jwxVOgpsCpfGjx10js=
=Y/2k
-----END PGP SIGNATURE-----



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message