non-random IP IDs

Alexandre Hautequest (hquest@fesppr.br)
Thu, 25 Jan 2001 17:40:50 -0200 (BRST)


Hi all.

I was playing a bit on some of my machines with Nessus (www.nessus.org), and it
told me the following text:

"The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.

An attacker may use this feature to determine if the remote
host sent a packet in reply to another request. This may be
used for portscanning and other things.

Solution : Contact your vendor for a patch
Risk factor : Low"

Is there some option to dinamically enable this random IP ID's, or I need to
change something and recompile, or just "No way!"?

Please cc me as i'm not subscribed to the list.

Thanks in advance.

--
Alexandre Hautequest
hquest at fesppr.br

"Globalização: Um paraguaio dirigindo pelas estradas brasileiras um carro francês fabricado na Argentina ouvindo música americana num som japonês."

------------------------------------------------- Esta mensagem foi enviada pelo WebMail da FESP. Conheça a FESP: http://www.fesppr.br/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/