Date: Wed, 22 May 1996 13:35:42 -0400 (EDT) From: "Charles C. Figueiredo" <marxx@apocalypse.superlink.net> To: "Brett L. Hawn" <blh@nol.net> Cc: Paul Traina <pst@Shockwave.COM>, Garrett Wollman <wollman@lcs.mit.edu>, Poul-Henning Kamp <phk@critter.tfs.com>, current@FreeBSD.ORG Subject: Re: freebsd + synfloods + ip spoofing Message-ID: <Pine.BSF.3.91.960522132204.3698E@apocalypse.superlink.net> In-Reply-To: <Pine.SOL.3.93.960522154725.13907A-100000@dazed.nol.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Brett, at first you were talking about how easy it was to hose ports like 513 w/ SYN bit set packets, now you've moved into TCP sequence prediction, that's irrelevant to how hard it would be to predict a seq on a tcp session, in theory. The way the seq generator is right now, it's better than some commercial implementations. I'm not coping the "It's broken, but still better than the other stuff." attitude. You're blowing this out of perportion. *I* want to see what the hell you've done to prove FreeBSD is so insecure. If you built rbone, that's child's play; and harmless if you're sensible enough to use tcp wrappers, and besides, I think it still won't work. You're not going to create full-duplex connection based services and expect to see what you're doing, are you? I wanna see what I asked for in the other letter. "I don't want to grow up, I'm a BSD kid. There's so many toys in /usr/bin that I can play with!" ------------------------------------------------------------------------------ Charles C. Figueiredo Marxx marxx@superlink.net ------------------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960522132204.3698E>