Following an nmap scan against localhost, I get this:
TCP Sequence Prediction: Difficulty=201 (Good luck!)
IPID Sequence Generation: All zeros
This is on .. a day old Debian System. Now.. something tells me this is not a good thing security wise. I remember on the old Debian box (before the recent reinstall) a relatively high Difficulty, and the "IPID Sequence Generation" to be "Random positive increments" (or something). I also remember on a FreeBSD box that the TCP SP Difficulty was "999..."; "IPID Seq Gen:" was "Truly Random".
All in all.. how do I increase the difficulty of the tcp sequence prediction [who/what gives this difficulty?] and the "IPID Seq Generation" ?