Date: Wed, 22 May 1996 20:26:29 -0700 (MST)
From: Terry Lambert <terry@lambert.org>
To: blh@nol.net (Brett L. Hawn)
Cc: marxx@apocalypse.superlink.net, pst@Shockwave.COM, wollman@lcs.mit.edu, phk@critter.tfs.com, current@FreeBSD.ORG
Subject: Re: freebsd + synfloods + ip spoofing
Message-ID: <199605230326.UAA06229@phaeton.artisoft.com>
In-Reply-To: <Pine.SOL.3.93.960522163712.15887D-100000@dazed.nol.net> from "Brett L. Hawn" at May 22, 96 04:38:31 pm

> > The problem doesn't lie in the sequence generator, the problem lies
> > in the fact that any 4.{3.4}BSD derived OS gets hosed up by 8 SYN packets
> > from an unreachable host, that's all, 8. That's why, as you notice,
> > SunOS affected too. What I've been trying to say is that nothing is
> > wrong with the generator, as compared to other OSs, FreeBSD's is
> > actually better! The problem is that FreeBSD, as other BSD OSs, only
> > takes 8 SYN packets from an unreachable host to hose.
>
> Ok, so now we have two problems, 1: it only takes 8 syn's to hose fbsd 2: an
> easy to guess sequence generator. My guess is that #1 would be easier to
> avoid if #2 were fixed.

Avoidance is a non-fix. Both really need to be fixed.

Some general comments on this thread:

The BSD problem is that the sequence number is randomized at the start
of life and rather regularly guessable from there.

I'm also not so thin-skinned as to believe that any criticism of
FreeBSD is calling the baby ugly.

IRC aside, it's wrong to dismiss Brett's points on the basis of
religion. As Sgt. Pinback said to the Bomb, an idea is valid or
invalid independent of its source.

Personally, I wouldn't be so casual dismissing the source; but even
if you casually dismiss the source, the idea can not be so easily
dismissed.

Brett wants to make it better; don't shoot him in the head for bearing
bad tidings because they are bad tidings.

Regards,
Terry Lambert
terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.