From owner-freebsd-stable@FreeBSD.ORG Fri Sep 24 15:50:14 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 522C816A5A1; Fri, 24 Sep 2004 15:50:14 +0000 (GMT) Received: from post5.inre.asu.edu (post5.inre.asu.edu [129.219.110.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0221743D3F; Fri, 24 Sep 2004 15:50:14 +0000 (GMT) (envelope-from David.Bear@asu.edu) Received: from conversion.post5.inre.asu.edu by asu.edu (PMDF V6.1-1X6 #30769) id <0I4J00A01YH07Q@asu.edu>; Fri, 24 Sep 2004 08:46:13 -0700 (MST) Received: from smtp.asu.edu (smtp.asu.edu [129.219.110.107]) <0I4J00981YH0VI@asu.edu>; Fri, 24 Sep 2004 08:46:12 -0700 (MST) Received: from moroni.pp.asu.edu (moroni.pp.asu.edu [129.219.69.200]) (8.12.10/8.12.10/asu_smtp_relay,nullclient,tcp_wrapped) with ESMTP id i8OFkA71011551; Fri, 24 Sep 2004 08:46:10 -0700 (MST) Received: by moroni.pp.asu.edu (Postfix, from userid 500) id C48C9E11; Fri, 24 Sep 2004 08:46:01 -0700 (MST) Received: from post1.inre.asu.edu (post1.inre.asu.edu [129.219.110.72]) by imap1.asu.edu (8.11.0/8.11.0/asu_cyrus,tcp_wrapped) with ESMTP id g03L9VN23855 for ; Thu, 03 Jan 2002 14:09:31 -0700 (MST) Received: from conversion.post1.inre.asu.edu by asu.edu (PMDF V6.1 #40110) david.bear@asu.edu) ; Thu, 03 Jan 2002 14:09:30 -0700 (MST) Received: from mx2.freebsd.org (mx2.FreeBSD.org [216.136.204.119]) by asu.edu (PMDF V6.1 #40110) with ESMTP id <0GPD00JIES3UP9@asu.edu> for iddwb@IMAP1.ASU.EDU (ORCPT david.bear@asu.edu); Thu, 03 Jan 2002 14:09:30 -0700 (MST) Received: from hub.freebsd.org (hub.FreeBSD.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id 9CDA255BE7; Thu, 03 Jan 2002 13:08:56 -0800 Received: by hub.freebsd.org (Postfix, from userid 538) id 51EA137B447; Thu, 03 Jan 2002 13:08:09 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with SMTP id CF0222E820D; Thu, 03 Jan 2002 13:08:06 -0800 (PST) Received: by hub.freebsd.org (bulk_mailer v1.12); Thu, 03 Jan 2002 13:08:06 -0800 Received: from creme-brulee.marcuscom.com (rdu57-28-046.nc.rr.com [66.57.28.46]) by hub.freebsd.org (Postfix) with ESMTP id 2109137B41F; Thu, 03 Jan 2002 13:07:58 -0800 (PST) Received: from shumai.marcuscom.com (marcus@shumai.marcuscom.com [192.168.1.4])g03L7Iv27504; Thu, 03 Jan 2002 16:07:18 -0500 (EST envelope-from marcus@marcuscom.com) From: Joe Clarke In-reply-to: Sender: owner-freebsd-security@FreeBSD.ORG To: dwbear75@gmail.com Message-id: <1010092075.86152.20.camel@shumai.marcuscom.com> MIME-version: 1.0 X-Mailer: Evolution/1.0 (Preview Release) Content-type: text/plain Content-transfer-encoding: 7bit Precedence: bulk X-Loop: FreeBSD.org Delivered-to: freebsd-security@freebsd.org Old-To: msch@snafu.de Lines: 43 References: X-Keywords: cc: freebsd-security@FreeBSD.ORG cc: Peter.Sauerland@siemens.com cc: freebsd-stable@FreeBSD.ORG cc: iss@cert.siemens.de Subject: Re: TCP Sequence-Prediction (4.5-PRE) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Fri, 24 Sep 2004 15:50:14 -0000 X-Original-Date: Thu, 03 Jan 2002 16:07:55 -0500 X-List-Received-Date: Fri, 24 Sep 2004 15:50:14 -0000 On Thu, 2002-01-03 at 15:59, Matthias Schuendehuette wrote: > Hello, > > my machine at work was scanned with the ISS Scanner, Vers. 6.2.1 and it > complained about TCP Sequence Prediction: > > 'The TCP sequence was found to be predictable.' > > I was advised to install FreeBSD 4.1.1-STABLE after 2000-09-28 or later > :-) as listed in FreBSD-SA-00:52. > > I looked at the published Patch in FreBSD-SA-00:52 but couldn't find > the Sourcecode Sequence to be patched any more (I wasn't wondering). > > But so, what shall I do, who's to blame? Is the ISS lying? Is there any > advice from the FreeBSD Security Officer or the developers how to > proceed further? Is this what you're looking for: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00%3A52/tcp-iss.patch Joe > > TIA - Matthias > > -- > *************************************************************************** > * Matthias Schuendehuette msch@snafu.de * > * Solmsstrasse 44 * > * D-10961 Berlin Engineering Systems Support and Operation * > * Germany (Powered by FreeBSD 4.5-PRERELEASE) * > *************************************************************************** > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message