A researcher in Milwaukee has discovered a nasty exploit of the TCP protocol that could give hackers a way to knock out entire segments of the Internet’s backbones.
The vulnerability was discovered by Paul “Tony” Watson, a computer researcher in Milwaukee, who found a way to remotely reset network connections, causing a denial of service (DoS). The flaw affects both TCP and BGP (Border Gateway Protocol). BGP needs a persistent TCP connection between peers in order to route packets, so if those connections are reset, BGP goes into hibernation and traffic stops.
Sequence numbers in the packet headers usually make this exploit infeasible, but Tony has apparently figured out a way to guess the right sequence numbers in 4 tries. The nasty part is that the exploit is possible due to the design of TCP itself, not just some broken software. This one could be ugly.