Date: Wed, 22 May 1996 13:46:10 -0400 (EDT)
From: "Charles C. Figueiredo" <marxx@apocalypse.superlink.net>
To: blh@nol.net
Cc: current@freebsd.org
Subject: Re: freebsd + synfloods + ip spoofing (fwd)
Message-ID: <Pine.BSF.3.91.960522134454.3698H-100000@apocalypse.superlink.net>

"I don't want to grow up, I'm a BSD kid.
There's so many toys in /usr/bin that I can play with!"
------------------------------------------------------------------------------
Charles C. Figueiredo          Marxx          marxx@superlink.net
------------------------------------------------------------------------------

---------- Forwarded message ----------
Date: Tue, 21 May 1996 15:39:22 -0400 (EDT)
From: Charles C. Figueiredo <marxx@apocalypse.superlink.net>
To: "Brett L. Hawn" <blh@nol.net>
Subject: Re: freebsd + synfloods + ip spoofing

On Tue, 21 May 1996, Brett L. Hawn wrote:

> On Tue, 21 May 1996, Charles C. Figueiredo wrote:
>
> > I agree, there are a number of packages being distributed. The bottom
> > line is however, any TCP implementation can have its seqs predicted, at
> > the moment, even newer SVR4 implementations that alternate every 60 or
> > so seconds can be taken care of. Stop banging on FreeBSD, everybody is
> > at risk. ;-)
> >
>
> I'm not 'banging on' fbsd so much as pointing out that perhaps it's time fbsd
> took a look at some of the stuff SysV is doing rather than just naysaying
> it. I've seen a lot of BSD fans just automatically turn off the minute you
> mention SysV but being a user of both I'd have to say that SysV is
> inherently more secure if somewhat slower. Being part of the administration
> team of an ISP I can say without doubt that I will give up some speed for
> security, there are just too many people out there that could, would, will,
> and do abuse even the slightest hole.
>
> Brett
>
>

FreeBSD has an excellent tcp sequence prediction system, read your
/usr/src/sys/netinet, then go read Solaris 2.5's tcp.c and compare. Look at
tcp_random18() for example (a macro). I'd also like to know what you were
attempting w/ TCP sequence prediction, if it was just how hard it was to
hose the system w/ SYN bits, that's irrelevant to our number generator and
the reliability of the implementation. That's dependent on the fact that
the system is 4.4BSD based, which there's nothing wrong with. Now, if you're
going to tell me that you tried to exploit r* services using tcp sequence
prediction through port 513, well wrappers take care of that, I'd like to
see you sequence a full-duplex connection based service, and prove FreeBSD
cannot handle just as well as any other Unix. I want to know what you're
doing w/ your experiments. You're merely giving me lists of stuff that's
known by everyone.

Regards,

Marxx