Re: [m0n0wall] Re: WII behind m0n0wall

From:	"Christopher M. Iarocci" <iarocci at eastendsc dot com>
To:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Re: WII behind m0n0wall
Date:	Sun, 14 Dec 2008 14:59:11 -0500

Chris Buechler wrote:
> On Thu, Dec 11, 2008 at 9:22 PM, Christopher M. Iarocci
> <iarocci at eastendsc dot com> wrote:
>   
>> Do you think I can safely downgrade?  If so, I'll try going back to 1.3B13.
>>     
>
> I've never had a problem downgrading, should be fine.
>
>   
>>  Could you tell me why the patch?  Is it considered to raise security if you
>> randomize ports?
>>
>>     
>
> It's always good to randomize everything you possibly can in your
> network stack, and source ports is one of those things. This explains
> it a bit more:
> http://doc.pfsense.org/index.php/Static_Port
>
> -Chris
>   
Is it possible to shut off port randomization by putting something like 
0 in both fields in advanced?  There is no box to disable it, but I 
would like to for the purpose of testing. 

Chris