[ale] Linux TCP Flaw
Derek Atkins
warlord at MIT.EDU
Fri Aug 12 10:52:18 EDT 2016
Hi,
"Lightner, Jeffrey" <JLightner at dsservices.com> writes:
> https://thehackernews.com/2016/08/linux-tcp-packet-hacking.html
>
> Other stories related to this last night.
>
> My read last night was Disturbing because it says it can be used to disrupt
> even ssh/sftp/https connections.
>
> Although it says it is in the 3.6 kernel and later it appears some earlier
> kernels for RedHat (and therefore CentOS and other derivatives) are
> affected. RedHat says all RHEL6.5 and above and RHEL 7. Earlier versions
> they say are not affected.
>
> There is a mitigation in the story which is the same being suggested by
> RedHat.
I had heard of the attack a day or two ago, but this is the first story
that included mitigation. Thank you for forwarding!
I've implemented the mitigation on all my servers.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the Ale
mailing list