Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Denial-of-Service Attack Is a Killer

Posted by kdawson on from the fighting-a-resource-war-with-an-unfair-advantage dept.

ancientribe writes "Hacker RSnake blogs about a newly discovered and deadly denial-of-service attack that could well be the next big threat to the Internet as a whole. It goes after a broadband Internet connection and KOs machines on the other end such that they stay offline even after the attack is over. It spans various systems, too: the pair of Swedish researchers who found it have already contacted firewall, operating system, and Web-enabled device vendors whose products are vulnerable to this attack." Listen to the interview (MP3) — English starts a few minutes in — and you might find yourself convinced that we have a problem. The researchers claim that they have been able to take down every system with a TCP/IP stack that they have attempted; and they know of no fix or workaround.

4 of 341 comments (clear)

  1. fearmongering by passthecrackpipe · · Score: 5, Insightful

    While it is pretty interesting, and disturbing, we are once again faced with a "The Internet Will Cease To Exist And Your Brain Will Explode" vulnerability. We dont know exactly how it works, we dont know exactly what to do to stop it, fixes are not available, and we are all doomed. The podcast goes into enough detail about how they discovered it to be replicated by skilled evildoers without too much trouble, but nobody knows how long, easy or invasive a fix is going to be.

    --
    People who think they know everything are a great annoyance to those of us who do.
    1. Re:fearmongering by MyLongNickName · · Score: 5, Insightful

      Sorry, but your entire argument is shot down by TFA. For those of you too lazy to read it, this gem "Robert and Jack are smart dudes. I've known them for years," clearly shows that your argument is moot. The author has known them for years from (presumably) T-Ball league. How can you argue with that?

      (this having to wait 5 minutes between posts is a pain in the ass. Anyone else stuck with this restriction?)

      --
      See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
    2. Re:fearmongering by morgan_greywolf · · Score: 5, Insightful

      Sorry, but your entire argument is shot down by TFA. For those of you too lazy to read it, this gem "Robert and Jack are smart dudes. I've known them for years," clearly shows that your argument is moot.

      Seriously....just saying "Yeah, these two dudes I know can break the whole Internet. Trust me. I've known them a long time." is just completely lame and useless.

      The article is nothing more than fear mongering and fudfudfud (please tag appropriately). Unless there's something to the interview beyond "I know how to break the Interwebs!!!", I'm from Missouri on this one.

      --
      My blog
  2. Re:Go for it, take on my machine! by erayd · · Score: 5, Insightful

    Unless it's a generic vulnerability in the TCP spec, in which case almost every implementation of it would be vulnerable - including all those Linux machines. Linux is not some magical shield, it takes responsible use to keep it secure.

    --
    Forget world peace, bring on -1 pointless