random IP seq numbers

To: debian users <debian-user@lists.debian.org>
Subject: random IP seq numbers
From: Martin F Krafft <madduck@madduck.net>
Date: Tue, 18 Sep 2001 08:45:23 +0200
Message-id: <[🔎] 20010918084523.E18613@fishbowl.madduck.net>
Mail-followup-to: Martin F Krafft <madduck@madduck.net>, debian users <debian-user@lists.debian.org>
In-reply-to: <3BA05845.E6D1EF23@aerasec.de>
References: <20010912185549.B29386@fishbowl.madduck.net> <10310000.1000314976@localhost> <3BA05845.E6D1EF23@aerasec.de>

i get this from nessus on one of our hosts:

>  . Warning found on port general/tcp
>     
>     The remote host uses non-random IP IDs, that is, it is
>     possible to predict the next value of the ip_id field of
>     the ip packets sent by this host.
>     
>     An attacker may use this feature to determine if the remote
>     host sent a packet in reply to another request. This may be
>     used for portscanning and other things.
>     
>     Solution : Contact your vendor for a patch
>     Risk factor :
>      Low

how can i make linux tcp/ip use random IP sequence numbers?

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
-- 
to vacillate or not to vacillate,
that is the question ... or is it?

Reply to:

Prev by Date: Re: internet connection (sent incorrectly, repeated here)
Next by Date: Fwd: albatross 2001/09/18 02:02 system check
Previous by thread: Re: eth0 is S-L-O-W--outgoing, that is
Next by thread: Fwd: albatross 2001/09/18 02:02 system check
Index(es):
- Date
- Thread