TCP Vulnerability Published 676
Bob Slidell writes "According to Yahoo!, there is a critical flaw in TCP that affects everyone and everything. The article is scant on details and long on fear, hopefully someone will post more details on this." The advisory has more information, and is long on details but only moderate on fear.
Best security advice... (Score:4, Funny)
I'm sure this... (Score:3, Funny)
Good (Score:5, Funny)
TCP2
SMTP2
POP32
That's it! (Score:5, Funny)
oops? (Score:5, Funny)
No problem (Score:5, Funny)
FS! (Score:0, Funny)
Work (Score:5, Funny)
Re:OpenBSD is safe? (Score:5, Funny)
The time has come (Score:5, Funny)
Re:OpenBSD is safe? (Score:5, Funny)
The Real Question is: (Score:2, Funny)
pssst, hey mods - it's a joke....
Scene from Ghostbusters (Score:1, Funny)
Mayor: What do you mean, "biblical?"
Dr. Raymond Stantz: What he means is Old Testament, Mr. Mayor, real wrath-of-God type stuff. Fire and brimstone coming down from the sky. Rivers and seas boiling.
Dr. Egon Spengler: Forty years of darkness. Earthquakes, volcanoes...
Winston Zeddemore: The dead rising from the grave.
Dr. Peter Venkman: Human sacrifice, dogs and cats living together - mass hysteria.
Thankfully... (Score:0, Funny)
Re:OpenBSD is safe? (Score:5, Funny)
they discuss, OpenBSD handles this extremely well. We'll explain more in a week or so.
Is the margin of the page too small to explain the wonderful reason why it handles this so well?
Warning! (Score:5, Funny)
Seriously though, it doesn't look all that bad. (Nor does it look all that hard to do, but still..)
Re:Best security advice... (Score:5, Funny)
How would that keep you safe from DoS attacks?
I, for one... (Score:2, Funny)
Re:Scene from Ghostbusters (Score:3, Funny)
-G
Re:No problem (Score:5, Funny)
UDP just I. switch ll'll to I just
S
It's Al Gore's fault... (Score:0, Funny)
Re:That's it! (Score:5, Funny)
I want a new internet based on morse code ping responses... 10 ms for a dah.
Obviously... (Score:2, Funny)
"The operation timed out attempting to connect to www.uniras.gov.uk"
oh, the irony,
--Stephen
Re:Good (Score:1, Funny)
TCP2
SMTP2
POP32
What happened to POP4?
Re:That's it! (Score:2, Funny)
THEN I'll know my data got to the other side !.
Re:Best security advice... (Score:1, Funny)
No problem... (Score:5, Funny)
*sight*
Re:More FUD? (Score:3, Funny)
So I guess it wouldn't affect anyone at all if a couple backbones that depend on BGP to get packets from point A to point B just dropped off the Internet.
Nope, that won't affect anyone at all.
Another impending duct tape shortage (Score:2, Funny)
Apparently terrorist.net's router has already been attacked.
"Watson, who runs the www.terrorist.net Web site, predicted that hackers will understand how to begin launching attacks 'within five minutes of walking out of that meeting.'"
He went on to say that you can expect to see the first Spam offering a software patch for $19.95 within 60 seconds of walking out of that meeting.
Oh christ (Score:2, Funny)
Oh god, you can spoof a reset into a TCP window. Oh god, some network hardware vendors have large windows and non-pseudorandom TCP sequence number prediction.
This only becomes a vulnerability when you run an application over TCP that does something catastrophic when it loses a connection. In this case, that would be unsecured BGP (or, if 1998 is calling, unsecured telnet).
People get paid to write papers about this shit? I need a beer.
Re:OpenBSD is safe? (Score:5, Funny)
But it saves the day for my network of 3 linux boxen in my basement which are s0 K3wl, they r0x! While the Internet burns to the ground I can route packets back and forth with impunity between my 486 laptop and my Pentium II Server!! WooHoo!
Not a Surprise, given that. . . (Score:2, Funny)
The TCP (The Clippy Program) has grown beyond your control, soon he will spread through this network as he spread through Windows-sock
Never use naming conventions that resemble anything as insecure as Windows or Clippy for god's sake
Re:Good (Score:3, Funny)
(har har)
yoda? (Score:5, Funny)
L. Skywalker
Windows also safe (Score:5, Funny)
In a quickly following press release, Bill Gates adds:
Re:That's it! (Score:5, Funny)
SCREECH *BAM* *poof* (Score:5, Funny)
Does the affect tcpip/cp? (Score:5, Funny)
I suspect someone is interrupting my data stream and keeping the replies and account numbers he has been sending me in regards to my money. This vulnerability proves my theory. I am in desperate need!! How can I prevent this!!
Anyone willing to help I will share my wealth with.
Re:That's it! (Score:5, Funny)
OSVDB ID: 4030
Rating: TBD
Disclosure Date: Apr 20, 2004
Description:
The Internet has been determined to be full of evil hax0rz. Any computers connected to the Internet are deemed vulnerable to this exploit.
Solution:
Unplug cable, power down WAP, close bomb shelter doors.
Re:The time has come (Score:1, Funny)
- Frustrated Novell Admin
Re:OpenBSD is safe? (Score:5, Funny)
Re:OpenBSD is safe? (Score:5, Funny)
The next internet (Score:1, Funny)
They really screwed things up on this one.
Re:Best security advice... (Score:3, Funny)
>> Just unplug your PC from the internet
> umm no connections = No service, therefore successful DoS
- You're fired!
- Fired?! You can't fire me, I quit!
Re:Windows also safe (Score:4, Funny)
(Was it the hippie part? Yeah, sure calling Steve Jobs a hippie is flamebait, but this was also clearly a joke. Some moderators are just in a dire need of a blow job.)
Re:Best security advice... (Score:1, Funny)
Therefore, if there is no service, you cannot deny service.
Re:That's it! (Score:3, Funny)
Considering the fact that UDP is also the acronym for Usenet Death Penalty, it doesn't seem like the choices are all that different.
Freewill? Riiiiiight.Re:Yes yes (Score:2, Funny)
Re:NISCC slowing, here is the summary of article (Score:5, Funny)
There is a new vulnerability that will cause every GM vehicle and cause your children to cry. Vandals can place 1 domestic house cat into the fan and cause the fan to stop and under some cases, cause the vehicle to overheat. This was previously written off as house cats are usually soft and squishy and have little effect on the powerful fan but Joe Shmoe PHD realised that many house cats have collars that are pretty tough for the fan to digest. Car experts say this is a serious problem and will be dealt with in a serious manner. Suggested work around is to keep your cat tied in the house, and to drive a bicycle instead.
Re:That's it! (Score:3, Funny)
Chris Mattern
Re:BGP vulnerable (Score:5, Funny)
And if anybody could determine the identity of an Anonymous Coward, it certainly wouldn't be an inside group of hardened NOC geeks.
Oh wait...
Good info, though. Thanks.
Re:OpenBSD is safe? (Score:4, Funny)
err um, don't you mean your parent's basement :)
Re:Windows also safe (Score:5, Funny)
This update addresses the vulnerability addressed in Microsoft Security Bulletin 666. Find out about more recent critical updates in the Overview section.
File Name:
WindowsXP-MSTCPDRM-x86-ENU.exe
Download Size:
1261 GB
Date Published:
4/20/2004
Version:
666
Overview
This patch fixes critical security vulnerabilities present in the Windows TCP stack.
This patch also adds the new DRM TCP extension.
When this patch is applied, your computer will connect to drm.microsoft.com prior to establishing any other connection to make sure the requested end point is an authorized Microsoft partner. All rogue packets are now rejected and reported by the Windows TCP-DRM firewall (TM).
This patch also uploads the registry key HKEY_LOCAL_MACHINE and all subkeys and values to drm.microsoft.com so we can make sure all software is used according to their end user licence agreements.
System Requirements
Supported Operating Systems: Windows XP
Windows XP Professional
Windows XP Home Edition
Re:More from Theo (was Re:OpenBSD is safe?) (Score:5, Funny)
For us, those issues are 1/50000 smaller than they are for other vendors.
So, they are 50,000 times bigger ?
Re:NISCC slowing, here is the summary of article (Score:5, Funny)
I'd say this is a real threat. We need to protect our SUV's from the mobs of 1337 haxor kitten terrorists! I propose bombing __insert country here__, under the guise of giving them democracy and freedom, and simultaneously pass some laws at home which take away some of our freedom.
Re:OpenBSD is safe? (Score:4, Funny)
Re:Windows also safe (Score:3, Funny)
HA! Not if Novell has anything to say about it! IPX/SPX 4 EVER!!!!
Oh, wait, Novell doesn't have anything to say about it.
Re:Windows also safe (Score:5, Funny)
Nice of you to volunteer, looks like their outlook has improved already
Re:Windows also safe (Score:4, Funny)
And that should be modded "-1, Redundant" but you don't hear me compl...oh..shit.
Re:NISCC slowing, here is the summary of article (Score:5, Funny)
Al-Kitty?
Yes, that was corny, and no, I couldn't resist.
Re:Windows also safe (Score:2, Funny)
"Bite my shiny metal iPlatformWar, Miiis-ter Gaaa-tes..."
Re:Best security advice... (Score:5, Funny)
Article title reads: (Score:2, Funny)
This is news?
From the article (Score:2, Funny)
Was the naked part necessary? I don't know about you, but it would matter to me if there were loose tigers nearby, regardless if I was naked or not
Re:More from Theo (was Re:OpenBSD is safe?) (Score:4, Funny)
> So, they are 50,000 times bigger ?
No, that would be 49999/50000 as big.
Time to go back to NetBUI. (Score:2, Funny)
Re:NISCC slowing, here is the summary of article (Score:5, Funny)
You're not mangling your Arabic-to-English transliteration enough. It would probably look more like "al Qiddy"
Re:NISCC slowing, here is the summary of article (Score:2, Funny)
Re:NISCC slowing, here is the summary of article (Score:2, Funny)
IANAE
That would be funny, yes. However, I've been signing posts/email/whatever with "-Ed" for longer than many slashdotters have been alive. I even sign handwritten letters that way. The time to start to worry is if I change it to add a period at the end...
Re:NISCC slowing, here is the summary of article (Score:4, Funny)