From owner-freebsd-security  Thu Jan  3 12:59:48 2002
Delivered-To: freebsd-security@freebsd.org
Received: from clever.eusc.inter.net (clever.eusc.inter.net [213.73.101.4])
	by hub.freebsd.org (Postfix) with ESMTP
	id B4BE037B417; Thu,  3 Jan 2002 12:59:42 -0800 (PST)
Received: from tc11-n67-101.de.inter.net ([213.73.67.101] helo=there)
	by clever.eusc.inter.net with smtp (Exim 3.22 #3)
	id 16MExc-0003MK-00; Thu, 03 Jan 2002 21:59:36 +0100
Content-Type: text/plain;
  charset="iso-8859-1"
From: Matthias Schuendehuette <msch@snafu.de>
Reply-To: msch@snafu.de
Organization: Micro$oft-free Zone
To: freebsd-security@freebsd.org
Subject: TCP Sequence-Prediction (4.5-PRE)
Date: Thu, 3 Jan 2002 21:59:35 +0100
X-Mailer: KMail [version 1.3.1]
Cc: freebsd-stable@freebsd.org, Peter.Sauerland@siemens.com,
	iss@cert.siemens.de
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-Id: <E16MExc-0003MK-00@clever.eusc.inter.net>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hello,

my machine at work was scanned with the ISS Scanner, Vers. 6.2.1 and it 
complained about TCP Sequence Prediction:

'The TCP sequence was found to be predictable.'

I was advised to install FreeBSD 4.1.1-STABLE after 2000-09-28 or later 
:-) as listed in FreBSD-SA-00:52.

I looked at the published Patch in FreBSD-SA-00:52 but couldn't find 
the Sourcecode Sequence to be patched any more (I wasn't wondering).

But so, what shall I do, who's to blame? Is the ISS lying? Is there any 
advice from the FreeBSD Security Officer or the developers how to 
proceed further?

TIA - Matthias

-- 
***************************************************************************
* Matthias Schuendehuette	msch@snafu.de	      	 		  *
* Solmsstrasse 44							  *
* D-10961 Berlin		Engineering Systems Support and Operation *
* Germany		      	(Powered by FreeBSD 4.5-PRERELEASE)   	  *
***************************************************************************

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message