TCP Reset Attacks serious, article series explains
May 11, 2004 — by LinuxDevices Staff — from the LinuxDevices Archive
KernelTrap.org has published the first of two planned articles about a vulnerability in the TCP/IP networking protocol recently shown to be more serious than previously thought. The first article describes the vulnerability, while a second will discuss OpenBSD developers' strategies for hardening TCP/IP stacks against it.
The TCP/IP protocol underlies most networks, including the Internet. TCP/IP hosts using large TCP windows were recently shown to be highly vulnerable to TCP Reset Attacks by users with even moderately high-bandwidth connections. The discovery was made by Paul Watson, whose paper “Slipping in the Window” is available in doc format.
KernelTrap owner Jeremy Andrews says that, as background on TCP Reset attacks, he spoke with Theo de Raadt, the creator of the security-oriented operating system OpenBSD. “In this article, we aim to provide some background into the workings of TCP,” says Andrews, “and then to build upon this foundation to understand how reset attacks work.”
Andrews adds that the second article in the series will look into how TCP stacks can be hardened to defend against such attacks. “Toward this goal, we spoke with members of the OpenBSD team to learn what they have done so far, and what further plans they have to minimize the impact of reset attacks,” Andrews said.
Read Part I of article series on TCP Reset Attacks
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc.