Definitely interesting, but statistically, this should be irrelevant for anyone on a new BSD or Linux kernel (ex. Mandriva 2009 is a 2.6.27 series kernel). Typical turnarounds are typically in the hours range for such things, and most OSS has had fairly comprehensive hardening against TCP attacks (such as syn flood counter-measures, random sequence ids, etc.). I'd recommend checking you distro's update repos for a kernel update or reading the kernel changelogs for more info.<br>
<br><div class="gmail_quote">On Tue, Oct 21, 2008 at 1:09 PM, Stanley C. Mortel <span dir="ltr"><<a href="mailto:mortel@cyber-nos.com">mortel@cyber-nos.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
F.Y.I. Interesting for sure.<br>
<br>
> --Denial-of-Service Vulnerability Found in TCP Stack<br>
>(October 2, 2008)<br>
>Swedish researchers have uncovered flaws in the TCP stack that could be<br>
>exploited to create denial-of-service conditions. The attack can be<br>
>carried out in less than five minutes and exploits the way resources<br>
>are allocated after a successful three-way handshake. The problem<br>
>was discovered while the researchers were testing a scanning tool.<br>
>More information about the issue is expected to be presented at the<br>
>T2'08 Information Security Conference later this month in Helsinki.<br>
><a href="http://www.securityfocus.com/brief/831" target="_blank">http://www.securityfocus.com/brief/831</a><br>
><a href="http://news.cnet.com/8301-1009_3-10056759-83.html?part=rss&subj=news&tag=2547-1009_3-0-20" target="_blank">http://news.cnet.com/8301-1009_3-10056759-83.html?part=rss&subj=news&tag=2547-1009_3-0-20</a><br>
><a href="http://www.heise-online.co.uk/security/Speculation-surrounds-DoS-vulnerability-in-the-TCP-protocol--/news/111651" target="_blank">http://www.heise-online.co.uk/security/Speculation-surrounds-DoS-vulnerability-in-the-TCP-protocol--/news/111651</a><br>
<br>
<br>
<br>
****************************<br>
Stan Mortel<br>
<a href="mailto:mortel@cyber-nos.com">mortel@cyber-nos.com</a><br>
****************************<br>
<br>
_______________________________________________<br>
linux-user mailing list<br>
<a href="mailto:linux-user@egr.msu.edu">linux-user@egr.msu.edu</a><br>
<a href="http://mailman.egr.msu.edu/mailman/listinfo/linux-user" target="_blank">http://mailman.egr.msu.edu/mailman/listinfo/linux-user</a><br>
</blockquote></div><br>