I noticed that NetBSD still has an incremental IPID generation.  Are
there any plans to change this?  I found a really old PR from 2000
(http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=11288), but
apparently nothing came out of it.  Fyodor describes some of the
consequences of a predictable IPID on his website:
http://www.insecure.org/nmap/idlescan.html.  There are several solutions
including using all zeros with DF flag (Linux), randomization (OpenBSD),
and connection/peer-specific squences (Solaris).

David