Subject: Re: random ip_id must be configurable
To: None <jonathan@DSG.Stanford.EDU>
From: Jun-ichiro itojun Hagino <firstname.lastname@example.org>
Date: 09/12/2003 06:58:22
> > randomizing IP fragment ID field is independent from attacks against
> > DNS ID field. therefore the discussion on DNS ID field has nothing
> > with randomizing IP fragment field.
> what, then, is the justification for this change?
predictable IP fragment ID allows malicious parties to inject bogus
fragment to your traffic, prohibiting your peer from reassembling your
fragments. it is a very common knowledge that predictable IP fragment
ID is a bad thing. nessus (http://www.nessus.org/) raises warning
if your system uses predictable ip_id field. for instance, see this
thread (on freebsd):