IPSEC & TCP sequence number generation

From: Michael Nottebrock (MichaelNottebrock@gmx.net)
Date: 07/07/01

Next message: Jon O .: "Re: IPSEC & TCP sequence number generation"
Previous message: Crist J. Clark: "Re: Firewall and ftp service"
Next in thread: Jon O .: "Re: IPSEC & TCP sequence number generation"
Reply: Jon O .: "Re: IPSEC & TCP sequence number generation"
Maybe reply: Michael Nottebrock: "Re: IPSEC & TCP sequence number generation"
Maybe reply: Michael Nottebrock: "Re: IPSEC & TCP sequence number generation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 7 Jul 2001 20:52:12 +0200 (MEST)
From: Michael Nottebrock <MichaelNottebrock@gmx.net>
To: freebsd-security@freebsd.org

I recently recompiled my FreeBSD 4.3-STABLE kernel with

options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG

in order to experiment with a IPSEC-VPN.

When I scanned myself from a few remote machines today, I noticed that
nmap -O reports a tcp sequence prediction class "trivial time dependency",
difficulty=0 (trivial joke), before enabling IPSEC it used to be all 9's.
Has anyone else experienced this? Have I overlooked something or is this
normal behaviour?

Greetings,

Michael Nottebrock

-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net
GMX Tipp:
Machen Sie Ihr Hobby zu Geld bei unserem Partner 1&1!
http://profiseller.de/info/index.php3?ac=OM.PS.PS003K00596T0409a
"
"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Next message: Jon O .: "Re: IPSEC & TCP sequence number generation"
Previous message: Crist J. Clark: "Re: Firewall and ftp service"
Next in thread: Jon O .: "Re: IPSEC & TCP sequence number generation"
Reply: Jon O .: "Re: IPSEC & TCP sequence number generation"
Maybe reply: Michael Nottebrock: "Re: IPSEC & TCP sequence number generation"
Maybe reply: Michael Nottebrock: "Re: IPSEC & TCP sequence number generation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]