fyodor just pwned up on the new 'tcp/ip vulnerability'

[walcy]

more info on the whole thing can be found Explaining the “New” TCP Resource Exhaustion Denial of Service (DoS) Attack by Fyodor and http://blog.robertlee.name/.

Robert Lee and Jack Louis recently went public claiming to have discovered a new and devastating denial of service (DoS) vulnerability in the core TCP/IP protocol stack used for almost all Internet communication.

[dr0p]

Interesting, will look into it more tomorrow when I'm not half-asleep =3

[.exe]

According to the TWIT security podcast this has got people shitting in there pants..........

http://it.slashdot.org/it/08/10/01/0127245.shtml

Allegedly the attached interview details exactly the procedures for instigating this attack (and this has been confirmed as new as its low bandwidth). He doesnt say how directly........but hes said enough to work it out.

This has been dubbed the affectionate term "sockstress"

NOTE: English begins a little bit into the interview.

[hyptix]

Interesting article, seen this around the blogs a bit recently, might have heard about it on securabit or read it on one of Mubix's posts

[.exe]

The best/worst part is they claim this attack is completely un-stoppable using the conventional tcp/ip stack. I agree with the tech community that this should have been disclosed behind closed doors but I have a feeling these two invididuals wanted the credit for the discovery.

Heres hoping its bullshit :D

[walcy]

Indeed this has been getting alot of press lately.

I haven't found too much info on it recently, but will update again then.

Currently checking all the podcast links/blogs for more info. <_<