Experts warn of TCP vulnerability
Network infrastructure providers and companies' internal networks called the most vulnerable to DOS attacks
IDG News Service - Internet security experts warned of a serious security vulnerability in the Transmission Control Protocol (TCP), a critical communications protocol used on the majority of computer networks in the world, according to an advisory from the U.K.'s National Infrastructure Security Co-ordination Centre (NISCC).
The hole exists in all implementations of TCP that comply with the Internet Engineering Task Force's TCP specification. By exploiting the holes, malicious hackers could cause TCP sessions to end prematurely, creating a denial-of-service attack. The TCP vulnerability could also disrupt communications between routers on the Internet by interrupting BGP (Border Gateway Protocol) sessions that use TCP, the NISCC said.
The U.S. CERT Coordination Center issued a warning yesterday about the vulnerability. The warning cited an almost 3-year-old advisory and said sustained exploitation of the hole could lead to a DOS attack affecting "portions of the Internet community."
BGP is the most common routing protocol used by major external routers on the Internet. Major Internet service providers use BGP to configure redundant high-speed connections and to coordinate with other ISPs and peers, said Dan Ingevaldson, research director at Internet Security Systems Inc. (ISS).
"It's the protocol that handles the big pipes on the Internet," he said.
NISCC and the U.S. CERT issued their advisories after a security researcher, Paul Watson, described the problem in a paper called "Slipping in the Window: TCP Reset Attacks." Watson will be presenting the paper at the CanSecWest 2004 security conference in Vancouver, British Columbia, this week.
Watson discovered that the current TCP standard allows a malicious hacker to easily guess a unique 32-bit number needed to reset an established TCP connection, because the standard allows sequence numbers in a range of values to be accepted rather than exact matches, according to the NISCC advisory.
By spoofing the source IP address and the TCP port and then randomly guessing the unique sequence number, an attacker could cause an active TCP session to terminate.
Networking experts have known about the potential for such attacks for almost 20 years. However, as Internet use and the use of broadband Internet connections has grown over the years, ISPs and others have gradually increased the size of the window, or range of acceptable sequence numbers that they permit to reset a connection, making a successful DOS attack more plausible, Ingevaldson said.
BGP sessions are particularly vulnerable to such attacks because they are longer, more predictable connections that often take place between two devices with published IP addresses, he said.
"Attackers know where they are and where they're going. They know the ports on either side that are being
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Infographic: Converged Infrastructure Benefits This Infographic quantifies the savings organizations are realizing from increased deployment speed, higher availability, and lower annual costs.
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Malware and Vulnerabilities White Papers | Webcasts