On Fri, Aug 01, 2008 at 06:43:25AM -0500, Kirk wrote:
> After upgrading these servers to the latest patched version of BIND, I
> tried the porttest query to test randomization. Well, both got POOR
> ratings. This led me to believe that my PIX was the culprit.


I've seen the same thing on our PIX, even with "id-randomization"
set. The source ports are randomized, but very poorly.


http://tools.cisco.com/security/cent...?alertId=14505

Trey

--
Seattle, Wash.
Q: Why did the astrophysicist order three hamburgers?
A: Because he was hungry.