Subject: Re: security for netbsd as web server
To: Steven M. Bellovin <>
From: Felix Deichmann <>
List: netbsd-users
Date: 03/26/2005 00:00:40
Steven M. Bellovin wrote:
>>If you are really paranoid:
>># sysctl -w net.inet.ip.random_id=1
> Against what threat?

When there is only a simple IP ID increment, you can see a server's load 
by looking at the IP ID difference. ICMP echo (ping) replys are enough.

Ah, now that I read the article about IP IDs in German c't magazine, I 
see that they also refer to your paper "A Technique for Counting NATted 
Hosts" :-)