From owner-freebsd-security Thu Jan 3 13: 8: 9 2002 Delivered-To: freebsd-security@freebsd.org Received: from creme-brulee.marcuscom.com (rdu57-28-046.nc.rr.com [66.57.28.46]) by hub.freebsd.org (Postfix) with ESMTP id 2109137B41F; Thu, 3 Jan 2002 13:07:58 -0800 (PST) Received: from shumai.marcuscom.com (marcus@shumai.marcuscom.com [192.168.1.4]) by creme-brulee.marcuscom.com (8.11.6/8.11.6) with ESMTP id g03L7Iv27504; Thu, 3 Jan 2002 16:07:18 -0500 (EST) (envelope-from marcus@marcuscom.com) Subject: Re: TCP Sequence-Prediction (4.5-PRE) From: Joe Clarke To: msch@snafu.de Cc: freebsd-security@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG, Peter.Sauerland@siemens.com, iss@cert.siemens.de In-Reply-To: References: Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Evolution/1.0 (Preview Release) Date: 03 Jan 2002 16:07:55 -0500 Message-Id: <1010092075.86152.20.camel@shumai.marcuscom.com> Mime-Version: 1.0 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 2002-01-03 at 15:59, Matthias Schuendehuette wrote: > Hello, > > my machine at work was scanned with the ISS Scanner, Vers. 6.2.1 and it > complained about TCP Sequence Prediction: > > 'The TCP sequence was found to be predictable.' > > I was advised to install FreeBSD 4.1.1-STABLE after 2000-09-28 or later > :-) as listed in FreBSD-SA-00:52. > > I looked at the published Patch in FreBSD-SA-00:52 but couldn't find > the Sourcecode Sequence to be patched any more (I wasn't wondering). > > But so, what shall I do, who's to blame? Is the ISS lying? Is there any > advice from the FreeBSD Security Officer or the developers how to > proceed further? Is this what you're looking for: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00%3A52/tcp-iss.patch Joe > > TIA - Matthias > > -- > *************************************************************************** > * Matthias Schuendehuette msch@snafu.de * > * Solmsstrasse 44 * > * D-10961 Berlin Engineering Systems Support and Operation * > * Germany (Powered by FreeBSD 4.5-PRERELEASE) * > *************************************************************************** > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message