1. Internet Technology Flaws RaiseFears of DoS Attacks.
- Author
-
Vijayan, Jaikumar
- Subjects
- *
COMPUTER security , *COMPUTER network protocols , *INTERNET , *TECHNOLOGY , *COMPUTER operating systems , *COMPUTER industry - Abstract
The article discusses the concerns among some security experts that denial-of-service (DoS) attacks could be launched against core routers and switches which were raised upon the disclosure in April 2004 of two serious flaws in widely used Internet technologies. One of the vulnerabilities involves Cisco Systems' implementation of the Simple Network Management Protocol in its Internetworking Operating System. The flaw could allow remote attackers to cause vulnerable systems to repeatedly restart when processing specific SNMP requests, eventually leading to DoS conditions. According to Amit Yoran, director of the U.S. Department of Homeland Security's National Cyber Security Division, the flaw is particularly dangerous because it affects a wide range of Cisco's routers and switches and is very easy to exploit. Meanwhile, a US-CERT advisory warned of a critical flaw in the Internet's core Transmission Control Protocol (TCP). The flaw allows remote attackers to create DoS conditions against TCP connections, with sustained attacks capable of disrupting portions of the Internet, the advisory stated. The flaw was disclosed by Great Britain's National Infrastructure Security Co-ordination Centre and involved a long-known weakness in TCP that allows attackers to constantly reset routers by guessing a unique 32-bit number needed for the process.
- Published
- 2004