On Tue, 17 Apr 2001, Kris Kennaway wrote:

> > :Well, that's why it's a sysctl defaulting to off in my patch.  Don't
> > :turn it on if you don't want to.
> >
> >     Let me put it another way:  I think this sort of thing is an excellent
> >     example of introducing unnecessary kernel bloat into the system.  Who
> >     gives a fart whether someone can port scan you efficiently or
> >     anonymously or not?  I get port scanned every day.  Most hackers don't
> >     even bother with portscans, they just try the exploit on the target
> >     machines directly.
>
> Tools, not policy..
>
> You may not care about it, but others do.

Would it be better to do it as a kernel option?
options IP_RANDOM_IP_ID for instance?  I guess the question is, does the
kernel have to do a comparison to the sysctl variable each time?

-- 
Matt Piechota
Finger [EMAIL PROTECTED] for PGP key
AOL IM: cithaeron


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
