Forum Home
    • Register
    • Login
    • Search
    • Recent
    • Tags
    • Popular

    Linux TCP bug introduced in 2012 - Not publicised enough : No Kernal Update yet

    Off-Topic
    1
    1
    1384
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • wrapper
      wrapper Moderators last edited by

      Linux TCP bug introduced in 2012 - Not publicized enough : No Kernel Update yet

       sudo nano /etc/sysctl.conf
 net.ipv4.tcp_challenge_ack_limit = 1310709
 sudo sysctl -p -e

      It’s only a matter of time before the fix reaches the distros, but if you are trying to run a secure system, t0r or have been hack targeted, you may wish to take some remedial action.

      The Linux kernel vulnerability CVE-2016-5696 disclosed last week affects a lot of devices, and a network administrator may not have root access to all of them

      The vulnerability resides in the design and implementation of RFC 5961, a relatively new Internet standard that’s intended to prevent certain classes of hacking attacks. In fact, the protocol is designed in a way that it can easily open Internet users to so-called blind off-path attacks, in which hackers anywhere on the Internet can detect when any two parties are communicating over an active transmission control protocol connection.

      Such a weakness could end up used to launch targeted attacks that track users’ online activity, forcibly terminate a communication, hijack a conversation between hosts or degrade the privacy guarantee by anonymity networks such as Tor, said researchers at the University of California, Riverside (UCR).

      http://arstechnica.com/security/2016/08/linux-bug-leaves-usa-today-other-top-sites-vulnerable-to-serious-hijacking-attacks/

      1 Reply Last reply Reply Quote 2
      • First post
        Last post