osap4

April 20th 2004: http://www.uniras.gov.uk/vuls/2004/236929/ The following mitigation steps are still being evaluated and may be incomplete. Customers should work with vendors for the workaround most appropriate for the product in question [...]
Implement IP Security (IPSEC) which will encrypt traffic at the network layer, so TCP information will not be visible.
Reduce the TCP window size (although this could increase traffic loss and subsequent retransmission).
Do not publish TCP source port information.

April 20th 2004: http://www.uniras.gov.uk/vuls/2004/236929/ The following mitigation steps are still being evaluated and may be incomplete. Customers should work with vendors for the workaround most appropriate for the product in question [...]