From owner-freebsd-stable Sat May 5 16: 8:57 2001 Delivered-To: freebsd-stable@freebsd.org Received: from femail11.sdc1.sfba.home.com (femail11.sdc1.sfba.home.com [24.0.95.107]) by hub.freebsd.org (Postfix) with ESMTP id 71E3C37B422 for ; Sat, 5 May 2001 16:08:50 -0700 (PDT) (envelope-from stephen@math.missouri.edu) Received: from math.missouri.edu ([24.12.197.197]) by femail11.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20010505230849.DUON22926.femail11.sdc1.sfba.home.com@math.missouri.edu> for ; Sat, 5 May 2001 16:08:49 -0700 Message-ID: <3AF48801.1331189C@math.missouri.edu> Date: Sat, 05 May 2001 18:08:49 -0500 From: Stephen Montgomery-Smith X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: stable@FreeBSD.ORG Subject: Re: ISN number prediction ? References: <3AF4821F.20BC4366@math.missouri.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Stephen Montgomery-Smith wrote: > > Juha Saarinen wrote: > > > > :: I remember that if you run the program nmap on your server with the > > :: right flags, that it will give its opinion on how good this is. > > :: But I don't remember the right sequence of flags to do this - anyone > > :: care to help me? > > Yes, it is -O -v. As someone else suggested, it is just a number, but it is much much much higher than it used to be. Interestingly, before the TCP changes, the numbers used to depend upon how far away the computer being checked was from the computer running nmap. I guess it is reasonable that the faster the IP stuff gets sent, the smaller the time between the number generation, and hence the less random will seen the sequencing. Now the score that nmap gives of FreeBSD seems pegged on the max setting. -- Stephen Montgomery-Smith stephen@math.missouri.edu http://www.math.missouri.edu/~stephen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message