Flaw in TCP core..

Two researchers, Robert Lee and Jack Louis, claim to have found a major TCP/IP protocol vulnerability that it can cause a thrilling Denial of Service(DoS) attack. Well they are yet to reveal the details. A new article reads:

Robert Lee and Jack Louis recently went public claiming to have discovered a new and devastating denial of service (DoS) vulnerability in the core TCP/IP protocol stack used for almost all Internet communication. They refuse to release details before their talk at the T2 security conference in Finland on October 17. Yet they have given many alarming interviews, and the press is having a field day spreading fear and uncertainty. Articles have appeared on The Register (“DoS attack reveals (yet another) crack in net’s core”), Slashdot (“New Denial-of-Service Attack is a Killer”), Search Security (“TCP is fundamentally borked”), and many more publications. In the Register article, Robert Lee says “We haven’t found anybody who has a TCP stack that runs TCP based services that isn’t vulnerable” and that a target machine “basically self thrashes, and the only recovery after about two to four minutes worth of attack flow, even after the attack stops, is to reboot the machine”

Lee said in an SearchSecurity article that the best way to protect yourself in this case of scenario if allow only whitelisted ips and there is no real work-around as of now. But what in case of Web-servers which is open to public? What can you do protect your servers in that case? Lee and team must find a work around soon before releasing the details, I say.

Reference:

http://insecure.org/stf/tcp-dos-attack-explained.html

http://www.theregister.co.uk/2008/10/01/fundamental_net_vuln/

http://it.slashdot.org/article.pl?sid=08/10/01/0127245

http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked

Some claim that this is an old and well-known vulnerability while Lee and team claim that they have discovered is what a new DoS vector. Well whether this attack vector is really new or well-known can be decided once we know the details of Lee’s DoS attack

Similar Posts you might be interested in:

    None Found

Be Sociable, Share!

categories Network Security | | October 9, 2008

categories ,

Leave a Reply