Skip site navigation (1)Skip section navigation (2)
Date:      03 Jan 2002 16:07:55 -0500
From:      Joe Clarke <marcus@marcuscom.com>
To:        msch@snafu.de
Cc:        freebsd-security@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG, Peter.Sauerland@siemens.com, iss@cert.siemens.de
Subject:   Re: TCP Sequence-Prediction (4.5-PRE)
Message-ID:  <1010092075.86152.20.camel@shumai.marcuscom.com>
In-Reply-To: <E16MExc-0003MK-00@clever.eusc.inter.net>
References:  <E16MExc-0003MK-00@clever.eusc.inter.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2002-01-03 at 15:59, Matthias Schuendehuette wrote:
> Hello,
> 
> my machine at work was scanned with the ISS Scanner, Vers. 6.2.1 and it 
> complained about TCP Sequence Prediction:
> 
> 'The TCP sequence was found to be predictable.'
> 
> I was advised to install FreeBSD 4.1.1-STABLE after 2000-09-28 or later 
> :-) as listed in FreBSD-SA-00:52.
> 
> I looked at the published Patch in FreBSD-SA-00:52 but couldn't find 
> the Sourcecode Sequence to be patched any more (I wasn't wondering).
> 
> But so, what shall I do, who's to blame? Is the ISS lying? Is there any 
> advice from the FreeBSD Security Officer or the developers how to 
> proceed further?

Is this what you're looking for:

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00%3A52/tcp-iss.patch

Joe

> 
> TIA - Matthias
> 
> -- 
> ***************************************************************************
> * Matthias Schuendehuette	msch@snafu.de	      	 		  *
> * Solmsstrasse 44							  *
> * D-10961 Berlin		Engineering Systems Support and Operation *
> * Germany		      	(Powered by FreeBSD 4.5-PRERELEASE)   	  *
> ***************************************************************************
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1010092075.86152.20.camel>