Ready for Some Downtime?

April 20, 2004

A researcher in Milwaukee has discovered a nasty exploit of the TCP protocol that could give hackers a way to knock out entire segments of the Internet’s backbones.

The vulnerability was discovered by Paul “Tony” Watson, a computer researcher in Milwaukee, who found a way to remotely reset network connections via a denial-of-service (DoS) attack. The flaw affects both TCP and BGP (Border Gateway Protocol). BGP needs a persistent TCP connection between peers in order to route packets, so if those connections are reset, BGP goes into hibernation and traffic stops.

Sequence numbers in the packet headers usually make this exploit infeasible, but Tony has apparently figured out a way to guess the right sequence numbers in 4 tries. The nasty part is that the exploit is possible due to the design of TCP itself, not just some broken software. This one could be ugly.
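The following is an added example, not code from this post or from Watson's research: a receiver-side model of how a TCP endpoint decides whether to honor a RST, comparing the in-window rule of the original TCP specification (RFC 793) with the exact-match rule later standardized as a mitigation in RFC 5961. The function names, window size and sequence values are constructed for illustration.

```python
MOD = 2**32  # TCP sequence numbers are 32-bit and wrap around

def in_window(seq, rcv_nxt, rcv_wnd):
    """True if seq lies in [rcv_nxt, rcv_nxt + rcv_wnd), modulo 2**32."""
    return (seq - rcv_nxt) % MOD < rcv_wnd

def rst_rfc793(seq, rcv_nxt, rcv_wnd):
    """Original rule: any RST whose sequence number is in the receive
    window tears the connection down."""
    return "reset" if in_window(seq, rcv_nxt, rcv_wnd) else "drop"

def rst_rfc5961(seq, rcv_nxt, rcv_wnd):
    """Hardened rule: only an exact match on rcv_nxt resets. Other
    in-window RSTs trigger a challenge ACK and the connection survives."""
    if seq == rcv_nxt:
        return "reset"
    return "challenge_ack" if in_window(seq, rcv_nxt, rcv_wnd) else "drop"

def resetting_values(rule, rcv_nxt, rcv_wnd, margin=16):
    """Count the sequence values in and just around the receive window
    that `rule` would treat as a valid reset."""
    start = rcv_nxt - margin
    return sum(
        1
        for off in range(rcv_wnd + 2 * margin)
        if rule((start + off) % MOD, rcv_nxt, rcv_wnd) == "reset"
    )

# Constructed receiver state: the window straddles the 32-bit wraparound.
RCV_NXT = 0xFFFFFF00
RCV_WND = 16384

if __name__ == "__main__":
    for name, rule in (("RFC 793", rst_rfc793), ("RFC 5961", rst_rfc5961)):
        n = resetting_values(rule, RCV_NXT, RCV_WND)
        print(f"{name}: {n} of {MOD} sequence values reset the connection")
```

Under the original rule the number of accepted values equals the receive window, which is why long-lived sessions with large windows, such as BGP peerings, were the main concern.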



  1. This story is really making the rounds today. Apparently the vulnerability was discovered in November, but it was so serious that they actually managed to keep it under wraps while governments and router vendors worked to patch the backbone of the Internet. No idea if they got everything done in time, but here’s to hoping…

