« : 11.08.16 - klo:13.51 »
https://ucrtoday.ucr.edu/39030Researchers at the University of California, Riverside have identified a weakness in the Transmission Control Protocol (TCP) of all Linux operating systems since late 2012 that enables attackers to hijack users’ internet communications completely remotely.
Qian said the researchers have alerted Linux about the vulnerability, which has resulted in patches applied to the latest Linux version. Until then, Qian recommends the following temporary patch that can be applied to both client and server hosts. It simply raises the `challenge ACK limit’ to an extremely large value to make it practically impossible to exploit the side channel. This can be done on Ubuntu, for instance, as follows:
Open /etc/sysctl.conf, append a command “net.ipv4.tcp_challenge_ack_limit = 999999999”.
Use “sysctl -p” to update the configuration
Kirjattu
Pohjois-pohjanmaa
-- motto: backupin tarve huomataan aina liian myöhään
Aihe: Weakness in TCP protocol ... (Luettu 2252 kertaa)
