Skip site navigation (1)Skip section navigation (2)
Date:      04 Jan 2002 12:32:29 -0500
From:      Joe Clarke <marcus@marcuscom.com>
To:        msch@snafu.de
Cc:        freebsd-security@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject:   Re: TCP Sequence-Prediction (4.5-PRE)
Message-ID:  <1010165550.16995.2.camel@shumai.marcuscom.com>
In-Reply-To: <E16MX0z-0004sQ-00@clever.eusc.inter.net>
References:  <E16MExc-0003MK-00@clever.eusc.inter.net> <1010092075.86152.20.camel@shumai.marcuscom.com>  <E16MX0z-0004sQ-00@clever.eusc.inter.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2002-01-04 at 11:16, Matthias Schuendehuette wrote:
> Hi Joe,
> 
> Am Donnerstag, 3. Januar 2002 22:07 schrieben Sie:
> > On Thu, 2002-01-03 at 15:59, Matthias Schuendehuette wrote:
> > > I looked at the published Patch in FreBSD-SA-00:52 but couldn't
> > > find the Sourcecode Sequence to be patched any more (I wasn't
> > > wondering).
> >
> > Is this what you're looking for:
> >
> > ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00%3A52/tcp-iss.pat
> >ch
> 
> as I've mentioned above, I *found* that patch but if you look at the 
> source files to patch you'll recognize that they're completely 
> different now and that the patch doesn't succeed anymore (which isn't 
> surprising for noone IMHO).
> 
> I think, the point is what ISS states as 'predictable'... I'll wait 
> what our iss-service declares - I can't imagine that 4.5-PRERELEASE is 
> worse than 4.1.1-STABLE concerning 'tcp prediction'.

Later FreeBSD 4.x's use arc4random for ISS.  It get all 9's from nmap,
and is completely unguessable.  Upgrading to 4.4-RELEASE or 4.5-PRE will
set you up.

Joe

> 
> Ciao/BSD - Matthias
> 
> -- 
> ***************************************************************************
> * Matthias Schuendehuette	msch@snafu.de	      	 		  *
> * Solmsstrasse 44							  *
> * D-10961 Berlin		Engineering Systems Support and Operation *
> * Germany		      	(Powered by FreeBSD 4.5-PRERELEASE)   	  *
> ***************************************************************************
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1010165550.16995.2.camel>