Denial of Service in all kernels 2.6.x

From: Croulder
Date: Thu Jul 05 2007 - 04:43:49 EST

Next message: Ingo Molnar: "Re: [RFC/PATCH] debug workqueue deadlocks with lockdep"
Previous message: Miklos Szeredi: "Re: [linux-pm] Re: [PATCH] Remove process freezer from suspend to RAM pathway"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Linux has the same problem that other OS:
"Multiple Vendor TCP Timestamp PAWS Remote Denial Of Service
Vulnerability" published in 2005 by Noritoshi Demizu

If i send a SYN packet with high timestamp legitime user can not
establish a connection with the victim server.

Kernel Tested : 2.6.21.5 , 2.6.11.12

http://www.securityfocus.com/bid/13676/info

Temporal solution: echo "0" > /proc/sys/net/ipv4/tcp_timestamp

Final solution: ???
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [RFC/PATCH] debug workqueue deadlocks with lockdep"
Previous message: Miklos Szeredi: "Re: [linux-pm] Re: [PATCH] Remove process freezer from suspend to RAM pathway"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]