Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Researchers uncovered a serious flaw the internet!!

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Security Notices & News
View previous topic :: View next topic  
Author Message
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Wed Apr 21, 2004 12:00 pm    Post subject: Researchers uncovered a serious flaw the internet!! Reply with quote

WASHINGTON - Researchers uncovered a serious flaw in the underlying technology for nearly all Internet traffic, a discovery that led to an urgent and secretive international effort to prevent global disruptions of Web surfing, e-mails and instant messages.


The British government announced the vulnerability in core Internet technology on Tuesday. Left unaddressed, experts said, it could allow hackers to knock computers offline and broadly disrupt vital traffic-directing devices, called routers, that coordinate the flow of data among distant groups of computers.


"Exploitation of this vulnerability could have affected the glue that holds the Internet together," said Roger Cumming, director for England's National Infrastructure Security Coordination Centre.


The Homeland Security Department issued its own cyberalert hours later that attacks "could affect a large segment of the Internet community." It said normal Internet operations probably would resume after such attacks stopped. Experts said there were no reports of attacks using this technique.


The risk was similar to Internet users "running naked through the jungle, which didn't matter until somebody released some tigers," said Paul Vixie of the Internet Systems Consortium Inc.


"It's a significant risk," Vixie said. "The larger Internet providers are jumping on this big time. It's really important this just gets fixed before the bad guys start exploiting it for fun and recognition."


The flaw affecting the Internet's "transmission control protocol," or TCP, was discovered late last year by a computer researcher in Milwaukee. Paul Watson said he identified a method to reliably trick personal computers and routers into shutting down electronic conversations by resetting the machines remotely.


Experts previously said such attacks could take between four years and 142 years to succeed because they require guessing a rotating number from roughly 4 billion possible combinations. Watson said he can guess the proper number with as few as four attempts, which can be accomplished within seconds.


Routers continually exchange important updates about the most efficient traffic routes between large networks. Continued successful attacks against routers can cause them to go into a standby mode, known as "dampening," that can persist for hours.


Cisco Systems Inc., which acknowledged its popular routers were among those vulnerable, distributed software repairs and tips to otherwise protect large corporate customers. There were few steps for home users to take; Microsoft Corp. said it did not believe Windows users were too vulnerable and made no immediate plans to update its software.


Using Watson's technique to attack a computer running Windows "would not be something that would be easy to do," said Steve Lipner, Microsoft's director for security engineering strategy.


Already in recent weeks, some U.S. government agencies and companies operating the most important digital pipelines have fortified their own vulnerable systems because of early warnings communicated by some security organizations. The White House has expressed concerns especially about risks to crucial Internet routers because attacks against them could profoundly disrupt online traffic.


"Any flaw to a fundamental protocol would raise significant concern and require significant attention by the folks who run the major infrastructures of the Internet," said Amit Yoran, the government's cybersecurity chief. The flaw has dominated discussions since last week among experts in security circles.


The public announcement coincides with a presentation Watson expects to make Thursday at an Internet security conference in Vancouver, British Columbia, where Watson said he would disclose full details of his research.


Watson predicted that hackers would understand how to begin launching attacks "within five minutes of walking out of that meeting."

all info here: http://story.news.yahoo.com/news?tmpl=story&cid=528&e=1&u=/ap/20040421/ap_on_hi_te/internet_threat

_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Nick
Site Admin


Joined: 27 Feb 2004
Last Visit: 15 Jul 2014
Posts: 3913
Location: California

PostPosted: Wed Apr 21, 2004 8:34 pm    Post subject: Reply with quote

This line had me rolling:

Quote:
The risk was similar to Internet users "running naked through the jungle, which didn't matter until somebody released some tigers," said Paul Vixie of the Internet Systems Consortium Inc.


Well, not too much I can do about it, so I won't lose any sleep over it. Didn't they have something like this last year when half of the DNS servers went down due to some attack?
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 25 Jul 2014
Posts: 10320
Location: sunny California

PostPosted: Wed Apr 21, 2004 9:06 pm    Post subject: Reply with quote

Quote:
ast year when half of the DNS servers went down due to some attack?


That was when the blaster worm hit - last Feb, I think. I was online right when it started and it was weird. Every minute more and more sites were down. My web host, (not the one I have now) was offline for two weeks. Evil or Very Mad
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Wed Apr 21, 2004 11:21 pm    Post subject: Reply with quote

blaster is just a little guy whatch you,ll see.
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Wed Apr 21, 2004 11:27 pm    Post subject: Reply with quote

anther story about thought it was allso pertainit
TCP flaw threatens Net data transmissions
Last modified: April 20, 2004, 12:40 PM PDT
By Robert Lemos
Staff Writer, CNET News.com


A flaw in the most popular communications protocol for sending data on the Net could let attackers shut down connections between servers and routers, according to an advisory released Tuesday by Britain's national emergency response team.

TCP--the Transmission Control Protocol--contains a flaw that "varies by vendor and application, but in some deployment scenarios...is rated critical," said the advisory, published by the United Kingdom's National Infrastructure Security Co-ordination Centre. Networking-hardware maker Juniper Networks has determined that its products are vulnerable. Cisco Systems, Hitachi, NEC, and others are studying the issue, according to the advisory.
the vulnerability allows for what's known as a reset attack. Many network appliances and software programs rely on a continuous stream of data from a single source--called a session--and prematurely ending the session can cause a wide variety of problems for devices. Security researcher Paul Watson discovered a method that makes disrupting the data flow far easier than previously thought.

The center's advisory is based on security research that Watson plans to present at the CanSecWest 2004 conference this week and apparently had been released a day early by the NISCC, according to the conference organizer. Watson, who runs a prohacking blog at Terrorist.net, could not be reached for comment.

The issue of TCP-related reset attacks has surfaced before--discussions of the flaw on a mailing list for large-network operators dismissed the issue as old news--but they've previously been thought to require the attacker to guess the identifier of the next data packet in a session. The odds on that are about one in 4.3 billion. The NISCC advisory argues that Watson's research shows that any number in a certain window of values will work, making it much more likely that such an attack could succeed.

The effect of resetting a connection varies depending on the application and how resistant the network software is to disruption, the advisory said.

Under certain circumstances, an attack could significantly disrupt the network used by the basic devices of the Internet, known as routers, to map the most efficient data path from one server to another. Known as the Border Gateway Protocol, or BGP, the method of passing routing information relies on long-lived sessions, and disturbing those connections could cause "medium-term unavailability," the advisory said.

The flaw could also affect the way special Internet servers, known as name servers, provide the numerical Internet address for a certain domain name, such as cnet.com. Attacks could also be used to disrupt e-commerce, by resetting the secure channels between a browser and a merchant's site.



_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
nomorespyware
Warrior Sleuth Expert


Joined: 19 Jan 2004
Last Visit: 04 Feb 2007
Posts: 219

PostPosted: Thu Apr 22, 2004 4:24 am    Post subject: No lost sleep here Reply with quote

I read that article too and thought to myself, has there ever been a day since the creation of the internet that it ran without flaws? They seem to have a good jump on this one and are fixing the loopholes before they become problem.
Back to top
View user's profile Send private message Send e-mail
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Thu Apr 22, 2004 9:08 am    Post subject: Reply with quote

nms i agree but its nice to stay a head of the flaws.
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
TeMerc
Warrior Obsessed


Joined: 12 Feb 2004
Last Visit: 23 Jan 2014
Posts: 4953
Location: Phx. AZ.

PostPosted: Thu Apr 22, 2004 1:18 pm    Post subject: Reply with quote

Hers some more regarding this, from the guy who caught it.


"Widespread reports about a flawed communications protocol making the Internet vulnerable to collapse were overblown, according to the researcher credited with uncovering the security problem. "
A flaw in the most widely used protocol for sending data over the Net--TCP, or the Transmission Control Protocol--was addressed by most large Internet service providers during the last two weeks and presents little danger to major networks, said Paul Watson, a security specialist for industry automation company Rockwell Automation. If left unfixed, the weakness could have allowed a knowledgeable attacker to shut down connections between certain hardware devices that route data over the Net.

"The actual threat to the Internet is really small right now," Watson said on Wednesday. "You could have isolated attacks against small networks, but they would most likely be able to recover quickly."



Complete read
http://news.com.com/2100-1002_3-5197184.html?tag=cd.lede
_________________

Ultimate Countermeasures Page
Calendar Of Updates
Malware Advisor Blog
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Thu Apr 22, 2004 2:49 pm    Post subject: Reply with quote

thx temerc was informative.media seems to have over played this .
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Security Notices & News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group