Alan, I completely understand this issue. I'm not so ignorant ;-)
And attacks on the defragmentation process WAS NOT a reason to write the patch.
> > numbers. Tools exploiting this weakness already exist. See
> > http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-1&msg=BUGTRAQ%251999080211573830@LISTS.SECURITYFOCUS.COM
> This URL has nothing to do with IP sequence guessing. It references some old
> unrelated 2.0.3x thing.
I suppose you haven't read all the detals.
The problem isn't related to 2.0.3x - it well applies to 2.3.18 kernel.
It's a rather fresh idea (I haven't heard about it before this August) about
TCP spoofing attack based exactly on predictable IP IDs.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to firstname.lastname@example.org
Please read the FAQ at http://www.tux.org/lkml/