Date: Wed, 22 May 1996 16:28:15 -0500 (CDT) From: "Brett L. Hawn" <blh@nol.net> To: "Charles C. Figueiredo" <marxx@apocalypse.superlink.net> Cc: Paul Traina <pst@Shockwave.COM>, Garrett Wollman <wollman@lcs.mit.edu>, Poul-Henning Kamp <phk@critter.tfs.com>, current@FreeBSD.ORG Subject: Re: freebsd + synfloods + ip spoofing Message-ID: <Pine.SOL.3.93.960522162030.15887A-100000@dazed.nol.net> In-Reply-To: <Pine.BSF.3.91.960522131211.3698C-100000@apocalypse.superlink.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 May 1996, Charles C. Figueiredo wrote: > > So we're to say 'well, they're wrong so its ok for us to be' ? I think not > > > > Brett > > > > > Of course not! The only point I was touching on, is the fact that > you were wrong in making FreeBSD's implementation seem archaic and > extremely insecure in comparison to others. Which it isn't. I disagree, considering all the testing I've done in the last few days with sequencing and synfloods I'd have to say fbsd is the all around loser in this category. I've tested the following OS's for ease of sequence guessing, guess which one was by far the easiest to screw with: FreeBSD Linux HP-UX Solaris 2.4 Solaris 2.5 Solaris 2.4x86 Solaris 2.5x86 SunOS 4.1.1 SunOS 4.1.3 (note that SunOS was pretty easy to fuck over as well) Irix BSDi 2.0 AIX (version unknown) UnixWare 2.3 and at least 2 others which I don't recall off hand Of all of these the FreeBSD and the SunOS machines were incredibly easy to hose up by guessing their tcp sequences, the others took on the average of 10 tries apiece to get even close. Brett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.93.960522162030.15887A-100000>