SLUG Mailing List Archives
[SLUG] Security warning
- To: slug@xxxxxxxxxxx
- Subject: [SLUG] Security warning
- From: Ken Caldwell <kencaldwell@xxxxxxxxxxxxxxxx>
- Date: Tue Sep 4 11:58:01 2001
- User-agent: Mutt/1.3.20i
Following Rebecca's talk last Friday I ran nessus over my computers.
Included in the reports generated was the following warning:
. Warning found on port general/tcp
The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.
An attacker may use this feature to determine if the remote
host sent a packet in reply to another request. This may be
used for portscanning and other things.
Solution : Contact your vendor for a patch
Risk factor :
It doesn't look serious but does such a patch exist for linux?