Clock slew vulnerability in FreeBSD?

Mike Silbersack silby at silby.com
Thu Mar 10 22:00:40 PST 2005


On Fri, 11 Mar 2005 gnn at freebsd.org wrote:

> As to how vulnerable FreeBSD is to this I do not know nor do I know if
> we should bother to do anything about it.  What, in particular are you
> worried about here?  Also, if you consider this a security issue you
> should probably also include the security team in this discussion.
>
> Later,
> George

I'd guess that we're fully "vulnerable" to this, but I don't see it really 
as an issue, unless someone is trying to hide a whole bunch of FreeBSD 
boxes behind that.

And if that's what you're doing, run PF on the NAT machine, I think it has 
options to scramble such things, no matter what OS the clients behind it 
are running.

Mike "Silby" Silbersack


More information about the freebsd-net mailing list