Subject: Re: random ip_id must be configurable
To: Jun-ichiro itojun Hagino <>
From: Matt Thomas <>
List: tech-net
Date: 09/11/2003 18:56:37
On Thursday, September 11, 2003, at 06:13 PM, Jun-ichiro itojun Hagino 

>>  * There are environments where the computational cost does not 
>> justify
>>   deploying this fix.
> 	have you measured it?  i mean, not on the userland but macro benchmark
> 	like scp/ftp/whatever.  i there *any* noticeable difference?
> 	(if you use vax/pdp, yeah, maybe...)

I use VAX systems.  I have 40MHz MIPS cpus with FDDI.
The overhead is real.

I have always believed the ip_id "attack" is just hype.  The only useful
info they get is how fast you are sending packets, maybe.  They can 
synthesize junk IP packets using your address without knowing ip_id.
Matt Thomas                     email:
3am Software Foundry              www: Cupertino, CA              
disclaimer: I avow all knowledge of this message.