Subject: Re: random ip_id must be configurable
To: None <>
From: Bill Studenmund <>
List: tech-net
Date: 09/14/2003 21:36:59
On Sat, 13 Sep 2003 wrote:

> >>        note also freebsd and Solaris do randomize ip_id.
> >>
> >For those who have poor reading skills, please note that the FreeBSD 4
> >randomized ip_ids are an config-time option, and the option defaults
> >to "off".  I think that's a *good* example for us to follow.
> >(Anyone who read the netipsec/ code should have notice that; netipsec/
> >still has support for the FreeBSD 4 option header and ifdef.)
> 	based on nmap OS fingerprint database, freebsd randomizes ip_id.
> 	also you see even quite a few embedded products (like small broadband
> 	router) randomizes ip_id.  why we can't do it for netbsd.

I don't think most folks are against this being an option that defaults to
off. We're against it being on all the time no matter what.

Take care,