In "Re: TCP RST attack", "Jacques A. Vidrine" <[email protected]> wrote: > On Tue, Apr 20, 2004 at 01:32:40PM -0700, Dragos Ruiu wrote: > > Also keep in mind ports are predictable to varying degrees depending on > > the vendor or OS, which further reduces the brute force space you have to > > go though without sniffing. > > This is exactly why I ported OpenBSD's TCP ephemeral port allocation > randomization to FreeBSD-CURRENT (although I asked Mike Silby to commit > it for me and take the blame if it broke :-). It will also be MFC'd > shortly in time for 4.10-RELEASE. That sounds great! But a question arose in my mind... I think it'll improve FreeBSD as a client OS, but as a server OS it doesn't seem to help much (actually, any ;-). Is there any action planned to implement some kind of countermeasure for FreeBSD servers? Thanks, Tadaaki Nagao <[email protected]> System Design and Development Division, Internet Initiative Japan Inc. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"