walcy Posted October 2, 2008 Share Posted October 2, 2008 more info on the whole thing can be found Explaining the “New” TCP Resource Exhaustion Denial of Service (DoS) Attack by Fyodor and http://blog.robertlee.name/. Robert Lee and Jack Louis recently went public claiming to have discovered a new and devastating denial of service (DoS) vulnerability in the core TCP/IP protocol stack used for almost all Internet communication. Quote Link to comment Share on other sites More sharing options...
dr0p Posted October 3, 2008 Share Posted October 3, 2008 Interesting, will look into it more tomorrow when I'm not half-asleep =3 Quote Link to comment Share on other sites More sharing options...
.exe Posted October 3, 2008 Share Posted October 3, 2008 According to the TWIT security podcast this has got people shitting in there pants.......... http://it.slashdot.org/it/08/10/01/0127245.shtml Allegedly the attached interview details exactly the procedures for instigating this attack (and this has been confirmed as new as its low bandwidth). He doesnt say how directly........but hes said enough to work it out. This has been dubbed the affectionate term "sockstress" NOTE: English begins a little bit into the interview. Quote Link to comment Share on other sites More sharing options...
hyptix Posted October 4, 2008 Share Posted October 4, 2008 Interesting article, seen this around the blogs a bit recently, might have heard about it on securabit or read it on one of Mubix's posts Quote Link to comment Share on other sites More sharing options...
.exe Posted October 4, 2008 Share Posted October 4, 2008 The best/worst part is they claim this attack is completely un-stoppable using the conventional tcp/ip stack. I agree with the tech community that this should have been disclosed behind closed doors but I have a feeling these two invididuals wanted the credit for the discovery. Heres hoping its bullshit :D Quote Link to comment Share on other sites More sharing options...
walcy Posted October 6, 2008 Author Share Posted October 6, 2008 Indeed this has been getting alot of press lately. I haven't found too much info on it recently, but will update again then. Currently checking all the podcast links/blogs for more info. <_< Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.