From owner-freebsd-current Wed May 22 14:26:58 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id OAA29109 for current-outgoing; Wed, 22 May 1996 14:26:58 -0700 (PDT) Received: from apocalypse.superlink.net (root@apocalypse.superlink.net [205.246.27.150]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id OAA29103 for ; Wed, 22 May 1996 14:26:49 -0700 (PDT) Received: (from marxx@localhost) by apocalypse.superlink.net (8.7.5/8.7.3) id NAA03944; Wed, 22 May 1996 13:35:42 -0400 (EDT) Date: Wed, 22 May 1996 13:35:42 -0400 (EDT) From: "Charles C. Figueiredo" To: "Brett L. Hawn" cc: Paul Traina , Garrett Wollman , Poul-Henning Kamp , current@FreeBSD.ORG Subject: Re: freebsd + synfloods + ip spoofing In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-current@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Brett, at first you were talking about how easy it was to hose ports like 513 w/ SYN bit set packets, now you've moved into TCP sequence prediction, that's irrelevant to how hard it would be to predict a seq on a tcp session, in theory. The way the seq generator is right now, it's better than some commercial implementations. I'm not coping the "It's broken, but still better than the other stuff." attitude. You're blowing this out of perportion. *I* want to see what the hell you've done to prove FreeBSD is so insecure. If you built rbone, that's child's play; and harmless if you're sensible enough to use tcp wrappers, and besides, I think it still won't work. You're not going to create full-duplex connection based services and expect to see what you're doing, are you? I wanna see what I asked for in the other letter. "I don't want to grow up, I'm a BSD kid. There's so many toys in /usr/bin that I can play with!" ------------------------------------------------------------------------------ Charles C. Figueiredo Marxx marxx@superlink.net ------------------------------------------------------------------------------