Subject: Re: random ip_id must be configurable
To: None <firstname.lastname@example.org>
From: Bill Studenmund <email@example.com>
Date: 09/14/2003 21:36:59
On Sat, 13 Sep 2003 firstname.lastname@example.org wrote:
> >> note also freebsd and Solaris do randomize ip_id.
> >For those who have poor reading skills, please note that the FreeBSD 4
> >randomized ip_ids are an config-time option, and the option defaults
> >to "off". I think that's a *good* example for us to follow.
> >(Anyone who read the netipsec/ code should have notice that; netipsec/
> >still has support for the FreeBSD 4 option header and ifdef.)
> based on nmap OS fingerprint database, freebsd randomizes ip_id.
> also you see even quite a few embedded products (like small broadband
> router) randomizes ip_id. why we can't do it for netbsd.
I don't think most folks are against this being an option that defaults to
off. We're against it being on all the time no matter what.