Subject: Re: random ip_id must be configurable
To: None <>
From: Jun-ichiro itojun Hagino <>
List: tech-net
Date: 09/13/2003 06:33:43
	i got a couple of references on ip_id/DNS id attacks:

	smb's paper on counting hosts behind NAT using ip_id.  if you use
	non-random ip_id, number of hosts behind NAT will be revealed.

	There is a tool that exploits sequential DNS ids blindly at:

	note also freebsd and Solaris do randomize ip_id.