Welcome Guest [Log In] [Register]
We hope you enjoy your visit.


You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.


Join our community!


If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
Major Internet Vulnerability; in the TCP
Topic Started: Apr 22 2004, 05:28 AM (453 Views)
somerled
Member Avatar
Admiral MacDonald RN
Experts warn of TCP vulnerability
Quote:
 
Internet security experts warned Tuesday of a serious security vulnerability in the Transmission Control Protocol (TCP) a critical communications protocol used on the majority of computer networks in the world
and the basis of the internet.

It has been
Quote:
 
... discovered that the current TCP standard allows a malicious hacker to easily guess a unique 32-bit number needed to reset an established TCP connection because the standard allows sequence numbers in a range of values to be accepted rather than just exact matches, according to the NISCC advisory.

By spoofing the source IP (Internet Protocol) address and the TCP port, then randomly guessing the unique sequence number, an attacker could cause an active TCP session to terminate.

Networking experts have known about the potential for such attacks for almost 20 years. However, as Internet use and the use of broadband Internet connections has grown over the years, ISPs and others have gradually increased the size of the "window," or range of acceptable sequence numbers that they permit to reset a connection, making a successful DOS attack more plausible, Ingevaldson said.

BGP sessions are particularly vulnerable to such attacks because they are longer, more predictable connections that often take place between two devices with published IP addresses, he said.

"Attackers know where they are and where they're going, they know the ports on either side that are being used and the window," ....


For those who have not studied advanced communications engineering (we dealt with this in microscopic and nausiating detail in one of my electives last semester):
TCP/IP
Introduction to TCP/IP
and in more detail (and a bit technical) RedBook see chapters 2 - 4
Quote:
 
IP addresses are represented by a 32-bit unsigned binary value. It is usually expressed in a dotted decimal format. For example, 9.167.5.8 is a valid IP


BGP
Border Gateway Protocol
Quote:
 
The Border Gateway Protocol (BGP) is an interautonomous system routing protocol. An autonomous system is a network or group of networks under a common administration and with common routing policies. BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP). Customer networks, such as universities and corporations, usually employ an Interior Gateway Protocol (IGP) such as RIP or OSPF for the exchange of routing information within their networks. Customers connect to ISPs, and ISPs use BGP to exchange customer and ISP routes. When BGP is used between autonomous systems (AS), the protocol is referred to as External BGP (EBGP). If a service provider is using BGP to exchange routes within an AS, then the protocol is referred to as Interior BGP (IBGP)


This is a potential security issue that if not addressed could bring down the intranets of governments, defence organisations and could result in massive denials of service to entire regions , countries or blocks of countries. This is an issue that can not be overstated as risk.
Offline | Profile | Quote | ^
 
somerled
Member Avatar
Admiral MacDonald RN
Minuet : maybe this one belongs in politics and world events ?
Offline | Profile | Quote | ^
 
Minuet
Member Avatar
Fleet Admiral Assistant wRench, Chief Supper Officer
Actually, I think it belongs in Modern Technology. I will move it now.
Offline | Profile | Quote | ^
 
Admiralbill_gomec
UberAdmiral
I think it belongs in the "Somerled wants to show he is smarter than everyone else by making arcane technological posts" section... :whistle:
Offline | Profile | Quote | ^
 
somerled
Member Avatar
Admiral MacDonald RN
Smarter than some here - B} maybe.
Offline | Profile | Quote | ^
 
captain_proton_au
Member Avatar
A Robot in Disguise

It took you until "advanced communications engineering " to learn about TCP/IP?

I think thats taught at about ninth grade in this century.

And BGP is obsolete, the link you gave was dated 1992!!
Offline | Profile | Quote | ^
 
somerled
Member Avatar
Admiral MacDonald RN
I realise kids get told about it in school , however what they don't get taught is how:
TCP/IP handles data congestion,
what happens for invalid data packets,
what happens with excessive transmission delays,
or
setting up TCP/IP headers and what the functions of each byte of data are,
servor encoding to deal with TCP/IP,
Ethernet and ATM systems,
designing efficient startup routines,
conjestion window interpretation and segment delay interpretation (for multipath internets),
congestion avoidance protocols,
dealing with TCP traffic loadings,
retransmission protocols for lost or unacknowledge ATM or Ethernet packets
packet discard and retransmission procedures.
calculation of optimal return transmission paths.
routing,
RARP and ARP (address resolution protocols),
data fragmentation and reassembly protocols
internet control message protocols
user datagram protocols
credit allocation,
connection termination protocols,
tunneling protocols
(and other stuff too to cope with M-TCP, .)

BGP is still valid and is the current standard (BGP-4) exterior routing protocol of the internet and of intranet systems (and how the data you are reading now got to your computer). (2 classes i-BGP and e-BGP depending on location of the routers and the path the message has to travel).
It is very clever and deals essentially with :
neighbouring router acquisition protocols
neighbouring router reachability
and network "teachability" - this speeds up the rest of the message (if multiple Ethernet or ATM packets sent ie in FTP (heard of that ?).

These are taught as 4th year engineering subjects worldwide (as advanced engineering electives) with introductory material in 3rd year. There is nothing trivial about it.

Proton - just because the link is old - I had to find one that wasn't overly technical - that doesn't make it obsolete.
It is patently obvious that you are only trying to gain some more browny points with your pals here and as usual you are talking about something you know absolutely nothing about (or understand). You would be well advised to check your information before sprouting crap.



Offline | Profile | Quote | ^
 
captain_proton_au
Member Avatar
A Robot in Disguise

somerled
Apr 22 2004, 12:55 PM
Proton - just because the link is old - I had to find one that wasn't overly technical - that doesn't make it obsolete.
It is patently obvious that you are only trying to gain some more browny points with your pals here and as usual you are talking about something you know absolutely nothing about (or understand). You would be well advised to check your information before sprouting crap.

What is the point of this thread?, I had to suffer through 'Internet Technolgy' last year, it was a painfully boring subject, sheesh even statistics is more exciting.

None of the members here have to worry about DoS attacks, why the expanded lecture

And then your tangent:
Quote:
 
I realise kids get told about it in school , however what they don't get taught is how:
TCP/IP handles data congestion,
what happens for invalid data packets,
what happens with excessive transmission delays,
or
setting up TCP/IP headers and what the functions of each byte of data are,
servor encoding to deal with TCP/IP,
Ethernet and ATM systems
Blah blah blah blah


What has that got to do with people understanding that hackers use programs
to guess IP addresses, encryption or passwords for that matter.
Old news
And what the hell did that have to do with your original post. A simple understanding of Protocols is all that was needed.

You seriously think that my motivation for getting stuck into you is browny points and not for the simpler reason that you are a borderline troller.
Who do you mean by my pals -those that constantly but heads with you - i.e- every one else on this board

Im sorry, but the admiral is right, this thread just seems like an excuse for you to flex your ego - again, who is going to be interested in in Net protocols.


Just cos you've taken a few extra subjects than most in engineering related fields does not make u smarter than any one else, and dont forget that youre 50 years older than me, if I or anyone else took the same subjects whos to say we wouldnt get higher grades than you.

Quote:
 
It is patently obvious


My patent is pending :P
Offline | Profile | Quote | ^
 
24thcenstfan
Member Avatar
Something Wicked This Fae Comes
What is the problem here? I am the last person to stick up for Somerled, but all he did was post some information about a TCP Internet vulnerability (whatever the heck that is). We do have this Technology forum for a reason. If it is something you aren’t interested in, then ignore his post. There is no law stating that everyone on this message board must like, understand or want to participate in every topic/thread that gets posted.

I have a feeling though he would have received more positive feedback/discussion on the topic if he had posted this over in the Science and Technology forum at st.com. The members who post there seem to be a bit more hardcore/interested in Technology and all of its many facets. Somerled, you might want to keep that in mind if you want to discuss Technology and the folks here aren't interested.
Offline | Profile | Quote | ^
 
Admiralbill_gomec
UberAdmiral
From the article:

"This is a serious issue because it's widespread, but there probably won't be a widespread impact,"

Quote:
 
Experts warn of TCP vulnerability


Where would we be without experts? :lol:
Offline | Profile | Quote | ^
 
Fesarius
Member Avatar
Admiral
Quote:
 
Where would we be without experts?

Facetious, or are you asking the question seriously?
Offline | Profile | Quote | ^
 
Admiralbill_gomec
UberAdmiral
Actually, it is an attempt at humor. I figured someone might read the Wall Street Journal's "Best of the Web Today" section. They point out silly news headlines that always seemed to start with "Experts" (their comment is, "Where would we be without experts?") :)
Offline | Profile | Quote | ^
 
24thcenstfan
Member Avatar
Something Wicked This Fae Comes
Admiralbill_gomec
Apr 22 2004, 04:47 PM
From the article:

"This is a serious issue because it's widespread, but there probably won't be a widespread impact,"

Then debate the merits of his article/topic. My point was there was hostility and ridicule towards Somerled for even daring to post on the topic.
Offline | Profile | Quote | ^
 
captain_proton_au
Member Avatar
A Robot in Disguise

It was just the Tone of his original post.

Basically he was pointing out that the length of IP addreses made it easy for hackers to guess, and therefore spoof connections giving the ability for them to send Denial of Service attacks. - see I summed it up in one sentence.
The lenght and detail of the post was not needed to get the message across, and who was the intended audience on this board?

Forget about spamtrek, if he wanted to get into a detailed discussion on protocols why didnt he visit a Networking messageboard, there are some on IFfree.

It just seemed he was trying to show off, when we had a go at him he went into tangent on listing all the things he's learned in a fourth year subject ????


Then again if it was any other member we wouldnt have reacted in that way.

Then again any other member would have given a summary if s/he thought another poster was misinformed, and not gone off into the personal attack
Offline | Profile | Quote | ^
 
somerled
Member Avatar
Admiral MacDonald RN
Proton :
re ELEC4500 , that was only part of 7 weeks worth of the subject (intense subject), with joint subject coordinators with different expertise (7 weeks each).

We have first year subjects equivalent to your subject here too Comp1050 (internet Comms) or Seng1140 (Intro to Internet Engg). Haven't taken these (electives) personally.
So I am not in a position to comment on their content, if you found the subject so boring and irrelevant , why didn't withdraw from it and do something more personally rewarding and interesting ?

Proton
Quote:
 
and not gone off into the personal attack
:loling: :loling: :censored: off Proton , and you accuse me ? :rotfl: :rotfl: I think not.

You need to spend more time on your board Proton, and to butt out if you aren't really interested in this or that topic. END OF VENT.
Offline | Profile | Quote | ^
 
ZetaBoards - Free Forum Hosting
Fully Featured & Customizable Free Forums
Learn More · Register Now
Go to Next Page
« Previous Topic · Science and Technology · Next Topic »
Add Reply

Tweet
comments powered by Disqus