Date: Wed, 22 May 1996 16:36:28 -0500 (CDT) From: "Brett L. Hawn" <blh@nol.net> To: "Charles C. Figueiredo" <marxx@apocalypse.superlink.net> Cc: Paul Traina <pst@Shockwave.COM>, Garrett Wollman <wollman@lcs.mit.edu>, Poul-Henning Kamp <phk@critter.tfs.com>, current@FreeBSD.ORG Subject: Re: freebsd + synfloods + ip spoofing Message-ID: <Pine.SOL.3.93.960522163002.15887C-100000@dazed.nol.net> In-Reply-To: <Pine.BSF.3.91.960522132204.3698E@apocalypse.superlink.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 May 1996, Charles C. Figueiredo wrote: > Brett, at first you were talking about how easy it was to hose ports > like 513 w/ SYN bit set packets, now you've moved into TCP sequence > prediction, that's irrelevant to how hard it would be to predict a seq on > a tcp session, in theory. The way the seq generator is right now, it's better > than some commercial implementations. I'm not coping the "It's > broken, but still better than the other stuff." attitude. You're blowing > this out of perportion. *I* want to see what the hell you've done to > prove FreeBSD is so insecure. If you built rbone, that's child's play; > and harmless if you're sensible enough to use tcp wrappers, and besides, > I think it still won't work. You're not going to create full-duplex > connection based services and expect to see what you're doing, are you? > I wanna see what I asked for in the other letter. I never made any commentary towards ports 513 or the like, I think you are getting yourself confused. As for the tcp sequences, its quite easy to see, catch me on IRC one day when I'm not busy and I'll happily spoof you and pretend to be you just so you can see. Once we're done with that perhaps I'll wander around and pretend to be your system and go fuck with some .gov sites, I'm sure a visit from some federalies would just make your day no? The basic problem here is the fact that I've yet to have a problem pretending to be a fbsd box, which means for all intents and purposes that if I wanted to cause you a lot of hell I could. Personally I find the idea of someone being able to pretend their me enough reason to re-vamp the sequence generator. Last I checked fbsd was still incrementing in 64k jumps, even if the first ack is random, pretty simple from there. Brett BTW: You're taking this awfully personal aren't you? If I didn't know better I'd say you're acting your age.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.93.960522163002.15887C-100000>