Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 7 Jul 2001 12:13:34 -0700
From:      "Jon O ." <jono@microshaft.org>
To:        Michael Nottebrock <MichaelNottebrock@gmx.net>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: IPSEC & TCP sequence number generation
Message-ID:  <20010707121334.A85498@networkcommand.com>
In-Reply-To: <1199.994531932@www25.gmx.net>; from MichaelNottebrock@gmx.net on Sat, Jul 07, 2001 at 08:52:12PM %2B0200
References:  <1199.994531932@www25.gmx.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is very interesting, but let's make sure the test enviroment is not providing this type of result.

I tested this with:
 nmap -sT -O -v -v 

Can you provide the full nmap args you are using?

The machine I nmap'ed has IPSEC turned on and running. It gave me all 9's.

Now, I'm thinking lots of these home DSL/Cable modem gateways use pathetic tcp sequence algorithms. Could it be the nmap you used got data from this device instead of your FreeBSD box? Are you using an Alcatel DSL modem or something similar that runs in *Bridge* mode?



Thanks,
Jon


On 07-Jul-2001, Michael Nottebrock wrote:
> I recently recompiled my FreeBSD 4.3-STABLE kernel with
> 
> options IPSEC
> options IPSEC_ESP
> options IPSEC_DEBUG
> 
> in order to experiment with a IPSEC-VPN.
> 
> When I scanned myself from a few remote machines today, I noticed that 
> nmap -O reports a tcp sequence prediction class "trivial time dependency", 
> difficulty=0 (trivial joke), before enabling IPSEC it used to be all 9's. 
> Has anyone else experienced this? Have I overlooked something or is this 
> normal behaviour?
> 
> 
> Greetings,
> 
> Michael Nottebrock
> 
> -- 
> GMX - Die Kommunikationsplattform im Internet.
> http://www.gmx.net
> 
> GMX Tipp:
> 
> Machen Sie Ihr Hobby zu Geld bei unserem Partner 1&1!
> http://profiseller.de/info/index.php3?ac=OM.PS.PS003K00596T0409a


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010707121334.A85498>