Kurt Seifried said:
I find it all rather amusing now that the vulnerability is announced. With proper multiple layered security it's not really an issue (assuming of course you use TCP SYN cookies and firewalling, which many do not). Anyways, it's always quite amusing to see a complete over-reaction from someone who doesn't appear to understand security (i.e. risk management) and the computer industry too well. Personally, in this case I think they did the right thing holding back in my opinion; the chances of an attacker guessing a 24-bit cookie are pretty remote, and access to a firewalled port should not immediately result in a penetration (personally I'm not a huge fan of firewalls, very few are done right).
Kurt Seifried, kurt@seifried.org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://www.seifried.org/security/
I agree fully with Kurt, and thanks to all the hard work of Roman, Marc and all at SuSE, SuSE is the best distro available. doVe