From owner-freebsd-current Wed May 22 14:28:53 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id OAA29350 for current-outgoing; Wed, 22 May 1996 14:28:53 -0700 (PDT) Received: from nol.net (root@dazed.nol.net [206.126.32.101]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id OAA29340 for ; Wed, 22 May 1996 14:28:46 -0700 (PDT) Received: from dazed.nol.net (blh@dazed.nol.net [206.126.32.101]) by nol.net (8.7.5/8.7.3) with SMTP id QAA16351; Wed, 22 May 1996 16:28:17 -0500 (CDT) X-AUTH: NOLNET SENDMAIL AUTH Date: Wed, 22 May 1996 16:28:15 -0500 (CDT) From: "Brett L. Hawn" To: "Charles C. Figueiredo" cc: Paul Traina , Garrett Wollman , Poul-Henning Kamp , current@FreeBSD.ORG Subject: Re: freebsd + synfloods + ip spoofing In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-current@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Wed, 22 May 1996, Charles C. Figueiredo wrote: > > So we're to say 'well, they're wrong so its ok for us to be' ? I think not > > > > Brett > > > > > Of course not! The only point I was touching on, is the fact that > you were wrong in making FreeBSD's implementation seem archaic and > extremely insecure in comparison to others. Which it isn't. I disagree, considering all the testing I've done in the last few days with sequencing and synfloods I'd have to say fbsd is the all around loser in this category. I've tested the following OS's for ease of sequence guessing, guess which one was by far the easiest to screw with: FreeBSD Linux HP-UX Solaris 2.4 Solaris 2.5 Solaris 2.4x86 Solaris 2.5x86 SunOS 4.1.1 SunOS 4.1.3 (note that SunOS was pretty easy to fuck over as well) Irix BSDi 2.0 AIX (version unknown) UnixWare 2.3 and at least 2 others which I don't recall off hand Of all of these the FreeBSD and the SunOS machines were incredibly easy to hose up by guessing their tcp sequences, the others took on the average of 10 tries apiece to get even close. Brett