Fundamental Internet Flaw Revealed
from the oh-well.--time-to-log-off dept
Well, there's a flurry of news articles being rushed online today as news comes out about a "fundamental flaw" with TCP that could allow hackers to basically screw up routers all over the world, severely impacting internet traffic. The flaw was discovered a few months back, and people have apparently been working on a fix, but the article isn't entirely clear on whether or not important routers have really been patched, or if it's still being worked on. Either way, the guy who discovered the flaw is set to make a presentation about it on Thursday, after which he believes just about any smart hacker should be able to exploit it and do their best to take down the internet. The news is still pretty vague otherwise about this threat, and I'm always a little skeptical about "this will bring down the internet!" style claims, so if anyone has more info about how serious (or not) this is, feel free to share. Update: As noted here, it appears that we were correct in assuming the "oh no, the internet is going to fall down" predictions may have been overstated, as the workarounds are perfectly reasonable.
Reader Comments
the same here
What If
I drove across the continent last week, I was going crazy from boredom, it was Easter Sunday (when all espresso shops were closed), so in Kearney, Nebraska (middle of the continent), I stopped at a university computer lab, where the lab administrator let me use the computer because he could sense my anguish.
Re: the same here
Someone has figured out that it's a lot easier: because of the window of sequence numbers that a TCP connection will accept (refer to good books on the subject for a good explanation of what that means), it's possible to send an RST packet from a spoofed address/port and knock out a long-term TCP connection if the details (source & dest IP ports and addresses) are known.
The primary example pointed out by the vulnerability discoverer is BGP, which is a major routing protocol used by many central routers. Basically a person could DoS BGP on these routers and prevent them from maintaining updated routing, which could be bad.
There are mitigating factors to the exploit, and steps that can be taken to lessen the chances of it working, but a complete "fix" will require a patch/update to how TCP works.
Re: the same here
Re: What If
Nah, we still have tons of videogames and books to hold our attention. Sometimes I WISH the internet would collapse :) I might actually get some work done...
No Subject Given
Block addresses that should not be coming from that direction. I.e., if 217.10.8.0 is a network off of port A on your router, then you should never see any inbound traffic on any other ports with a source address on the 217.10.8.0 network. So block that network from inbound except on port A.
Also, if you know that 217.10.8.0 is the only network off of port A, then anything with a source that is not 217.10.8.0 coming in on port A is false. So block all inbound addresses from port A except the 217.10.8.0 network.
If enough network providers did this, then the packets to start this DoS attack would never make it to the router with the RST packet. They would be dropped because the source address is spoofed.
-Charles W.
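As an added illustration of the two filtering rules Charles W. describes (this is example code written for this page, not from the commenter or any router vendor), a small Python model of a router's per-port anti-spoofing check; the /24 mask on 217.10.8.0, the other port/network assignments and the sample packets are constructed assumptions:

```python
import ipaddress

# Constructed topology: each router port maps to the networks that legitimately
# sit behind it. Port C is the upstream/transit port and claims no networks.
# The /24 mask is an assumption; the comment only gives 217.10.8.0.
PORT_NETWORKS = {
    "A": [ipaddress.ip_network("217.10.8.0/24")],
    "B": [ipaddress.ip_network("198.51.100.0/24")],
    "C": [],
}


def owner_port(src):
    """Return the port a source address is expected to arrive on, or None."""
    addr = ipaddress.ip_address(src)
    for port, nets in PORT_NETWORKS.items():
        if any(addr in net for net in nets):
            return port
    return None


def filter_decision(port, src):
    """Rule 1: a source behind port X may only enter on port X.
    Rule 2: a port with declared networks accepts only those networks."""
    expected = owner_port(src)
    if expected is not None and expected != port:
        return ("drop", f"{src} belongs behind port {expected}, arrived on {port}")
    if PORT_NETWORKS[port] and expected != port:
        return ("drop", f"port {port} only accepts its own networks, got {src}")
    return ("accept", "source consistent with port")


# Constructed sample packets: (arrival port, source address). The second
# entry models a spoofed RST that claims to come from the network behind A.
SAMPLE_PACKETS = [
    ("A", "217.10.8.5"),
    ("B", "217.10.8.5"),
    ("A", "203.0.113.9"),
    ("C", "203.0.113.9"),
    ("C", "217.10.8.5"),
]


def audit(packets):
    """Apply the filter to each packet and return the accept/drop verdicts."""
    return [(port, src, filter_decision(port, src)[0]) for port, src in packets]


if __name__ == "__main__":
    for port, src, verdict in audit(SAMPLE_PACKETS):
        print(f"port {port} src {src}: {verdict}")
```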