From owner-freebsd-stable Thu Nov 2 11:55:48 2000 Delivered-To: freebsd-stable@freebsd.org Received: from jade.chc-chimes.com (jade.chc-chimes.com [216.28.46.6]) by hub.freebsd.org (Postfix) with ESMTP id 940EA37B4D7 for ; Thu, 2 Nov 2000 11:55:45 -0800 (PST) Received: by jade.chc-chimes.com (Postfix, from userid 1001) id A62F61C72; Thu, 2 Nov 2000 14:55:39 -0500 (EST) Date: Thu, 2 Nov 2000 14:55:39 -0500 From: Bill Fumerola To: stable@freebsd.org Cc: Lauri Laupmaa Subject: Re: TCP sequence prediction on freebsd Message-ID: <20001102145539.Z37870@jade.chc-chimes.com> References: <8E67E032AD23D4118F740050042F21F76F@lant.mbp.ee> <20001102113247.A13873@dragon.nuxi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <20001102113247.A13873@dragon.nuxi.com>; from obrien@freebsd.org on Thu, Nov 02, 2000 at 11:32:47AM -0800 X-Operating-System: FreeBSD 3.3-STABLE i386 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Nov 02, 2000 at 11:32:47AM -0800, David O'Brien wrote: > On Thu, Nov 02, 2000 at 02:12:05PM +0200, Lauri Laupmaa wrote: > > nmap reports something like: > > > TCP Sequence Prediction: Class=random positive increments > > > Difficulty=85682 (Worthy challenge) > > > > is this tcp sequence prediction really an security issue ? > > **YES** Do a search for the Mitnick attack on Tsutomu Shimomura. It was > possible because of the ability to predict the TCP sequence numbers. The question was if "_this_" prediction is really a securit issue (ie FreeBSD's), not if tcp sequence prediction in general is a security issue. At least that's how I read it. -- Bill Fumerola - Network Architect, BOFH / Chimes, Inc. billf@chimesnet.com / billf@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message