Friday, October 3, 2008

DoS attack reveals (yet another) crack in net's core • The Register

DoS attack reveals (yet another) crack in net's core • The Register: "Security experts say they have discovered a flaw in a core internet protocol that can be exploited to disrupt just about any device with a broadband connection, a finding that could have profound consequences for millions of people who depend on websites, mail servers, and network infrastructure.
The bug in the transmission control protocol (TCP) affords attackers a wealth of new ways to carry out denials of service on equipment at the heart of data centers and other sensitive points on the internet. The new class of attack is especially severe because it can be carried out using very little bandwidth and has the ability to paralyze a server or router even after the flood of malicious data has stopped.
'If you use the internet and you serve a TCP-based service that you value the availability for, then this affects you,' Robert E. Lee, chief security officer for Sweden-based Outpost24 told The Register. 'That may not be every internet user, but that's certainly any IT manager, that's certainly any website operator, mail server operator, or router operator.'"

No comments: