Board: FB_security
Subject: Re: Random source ports in FreeBSD?
Posted from: NCTU CSIE FreeBSD Server (Sun Sep 19 03:27:18 2004)
Relayed via: ptt!FreeBSD.csie.NCTU!not-for-mail

On Sat, 18 Sep 2004, Danil V.Gerun wrote:
> So, as far as I got to know, randomizing source ports in FreeBSD is
> impossible now? (to be exact - is not implemented?)
>
> It's very interesting to me - WHY is it so?
> I mean - maybe there are good reasons for not making all this?..

Source port randomization was implemented before 4.10 was released. See
in_pcb.c revisions 1.143 - 1.146, 1.59.2.27, or 1.59.2.27.2.1, depending
on the branch you're interested in:

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/in_pcb.c

> I don't have opportunity to test the FreeBSD 5 patch, but I tried to
> analyze the patching results attentively (what I worry about - is
> using the arc4random() function in FreeBSD 5...).

What are your concerns with the way port randomization was implemented in
FreeBSD?

Mike "Silby" Silbersack