TCP flaws may lead to DoS attacks, say researchers

Gary · Oct 03, 2008, 10:30:36

"Two researchers in Sweden have found multiple flaws in the TCP stack that could lead to massive denial-of-service attacks if exploited. At present there is no workaround and there are no patches available"

Full story here

Sebby · Oct 03, 2008, 11:07:14

Another vulnerability. Oh joy.

Gary · Oct 03, 2008, 11:22:23

Quote from: Sebby on Oct 03, 2008, 11:07:14
Another vulnerability. Oh joy.

Apart from patching, this is what ADSL is for as well Sebby

Rik · Oct 03, 2008, 12:27:50

Anyone want to buy a couple of routers?

Sebby · Oct 03, 2008, 16:15:36

I have got some carpentry to do...

Inactive · Oct 03, 2008, 16:44:03

Chip off the old block then Seb.

Sebby · Oct 03, 2008, 19:05:30

esh · Oct 06, 2008, 15:51:59

From what I hear, the problem is to do with SYN cookies, which can actually be disabled in Linux boxes without a reboot.

The downside of disabling SYN cookies is you are more reliable to 'standard' DDoS attacks, but these types of attacks just generally temporarily hog resources rather than cause the system to fall into a state where a reboot is necessary (excluding older Windows machines of course). You can also likely use network IP filtering to hold out against normal DoS attacks, crude as it may be.

somanyholes · Oct 09, 2008, 08:13:48

QuoteFrom what I hear, the problem is to do with SYN cookies, which can actually be disabled in Linux boxes without a reboot.

The downside of disabling SYN cookies is you are more reliable to 'standard' DDoS attacks, but these types of attacks just generally temporarily hog resources rather than cause the system to fall into a state where a reboot is necessary (excluding older Windows machines of course). You can also likely use network IP filtering to hold out against normal DoS attacks, crude as it may be.

catch22 really, if one Dos doesn't get you the other one will