What is Affected?
The vulnerability described in this advisory affects implementations of the Transmission Control Protocol (TCP) that comply with the Internet Engineering Task Force's (IETF's) Requests For Comments (RFCs) for TCP, including RFC 793, the original specification, and RFC 1323, TCP Extensions for High Performance.
TCP is a core network protocol used in the majority of networked computer systems today. Many vendors include support for this protocol in their products and may be impacted to varying degrees. Furthermore any network service or application that relies on a TCP connection will also be impacted, the severity depending primarily on the duration of the TCP session.
Severity
The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Please see the vendor section below for further information. Alternatively contact your vendor for product specific information.
If exploited, the vulnerability could allow an attacker to create a Denial of Service condition against existing TCP connections, resulting in premature session termination. The resulting session termination will affect the application layer, the nature and severity of the effects being dependent on the application layer protocol. The primary dependency is on the duration of the TCP connection, with a further dependency on knowledge of the network (IP) addresses of the end points of the TCP connection.
The Border Gateway Protocol (BGP) is judged to be potentially most affected by this vulnerability.
BGP relies on a persistent TCP session between BGP peers. Resetting the connection can result in medium term unavailability due to the need to rebuild routing tables and route flapping. Route flapping may result in route dampening (suppression) if the route flaps occur frequently within a short time interval. The overall impact on BGP is likely to be moderate based on the likelihood of successful attack. If the TCP MD5 Signature Option and anti-spoofing measures are used then the impact will be low as these measures will successfully mitigate the vulnerability.
There is a potential impact on other application protocols such as DNS (Domain Name System) and SSL (Secure Sockets Layer) in the case of zone transfers and ecommerce transactions respectively, but the duration of the sessions is relatively short and the sessions can be restarted without medium term unavailability problems. In the case of SSL it may be difficult to guess the source IP address.
Data injection may be possible. However, this has not been demonstrated and appears to be problematic.
Summary
The issue described in this advisory is the practicability of resetting an established TCP connection by sending suitable TCP packets with the RST (Reset) or SYN (Synchronise) flags set.
The packets need to have source and destination IP addresses that match the established connection as well as the same source and destination TCP ports.
The fact that TCP sessions can be reset by sending suitable RST and SYN packets is a design feature of TCP according to RFC 793, but a reset attack is only possible at all because the source IP address and TCP port can be forged or "spoofed".
Although denial of service using crafted TCP packets is a well known weakness of TCP, until recently it was believed that a successful denial of service attack was not achievable in practice. The reason for this is that the receiving TCP implementation checks the sequence number of the RST or SYN packet, which is a 32 bit number, giving a probability of 1/232 of guessing the sequence number correctly (assuming a random distribution).
The discoverer of the practicability of the RST attack was Paul A. Watson, who describes his research in his paper "Slipping In The Window: TCP Reset Attacks", presented at the CanSecWest 2004 conference. He noticed that the probability of guessing an acceptable sequence number is much higher than 1/232 because the receiving TCP implementation will accept any sequence number in a certain range (or "window") of the
At least they could have named them something difrent...they can look and feel similar like XMMS and winamp but calling it is that is like asking for a lawsuite.
In my expereance in the feild there are too many IT workers...more than half just have that title and are totally clueless some basic things that an IT person should know...not evryone can be good in this feild and I saw many people who are just bad at what they do...1 out of 3 people are actually good at what they do but all 3 have the same title so thats why the value is low...Good people in any feild always get paid top dollar...to increase your value you have to prove that you are better thats all...
I think quicktime has a better thance to get into windows before real ever does....hell i bet MS will put MPlayer in there before real...Ms becames real enemy when they tried to kill them off...remember realplayer in windows 98?
I mean cmon...they have quick time wich is direct compition and better in my opinion...Quicktime is not perfect but much better than anything real haver ever come up with...if they go to microsot like they
said they would they will get rejected even harder...im not try to start a flame war or anything but I never heard anyone saying anything good about real...just like all companys whos goods are not welcome they will eventually god out of buisness IMHO.
Some open source oses that would breath some new life into old computers to make them usefull again....like a patched up version of redhat 6.2>...perhaps some customized distro that would run on a 486 with 8 mb of ram with no problem.
Along with linux and BSD...alot of people who can't afford programs like microsoft office or photoshop and need software don't know what to do...some pirate and some buy crapware...librarys should have cds for free or for a small fee that have Gimp, Open office,Mozilla,Firebird,Filezilla,Putty,emacs,vim, etc...
for windows...that would be a great help...this great free reasource should be offered in local librarys for those who are not comfortable with switching platforms and in the future it would easier to change platforms...i mean somone gouse to walmart as an example...they see a linux box...with screen shots of the programs they know and use...much easier than looking at something and saying to yourself...whats that?
It is posible for something like this to happen but since there are alot of big companys backing linux i dont think microsoft would personally do it...simply because there is a chance that the conspiracy would be uncovered and that would not be good for them...thats why sco is doing it...all ms did is invest in them so microsoft comes out clean on paper.
Even the people who dont know anything about linux know Windows=bad...for example i was fixing one of those really abused compaqs and the dsl login and pass got lost...so i called verizon to get them...the tech guy wasnt very well trained in IT...he asked me why i deeded the the info...i sad i had for kill evrything and format cuz its pretty standard issue in windows...he said to get a mac...i told him why get a whole new comp when this one could run linux...he was puzzeled but at least he knew windows=bad.
HP said the same thing about the first PC...they were wrong then and they are wrong now...when i intruduce consumer type people to linux they love it simply because there computer dosent mess up...its funny how linux is easier for users than windows because once installed it has all the apps a user needs and those little solitareish games...not to mention security and stability...I think the Wal-Mart people are making a good move offering linux on some of the pcs they sell.
well i know the patent on fat is stupid...media can be formated with anything...and fat should be depracated because it's time for something new...perhaps a file system with more rubust metadata abilitys.
even if the paten would not get revoked altogh it should there are pleant of file systems that major company's can standardize on...it will be a pain it the ass for a little but cmon...pick one of the many better filesystems...write a driver for oses and devices and microsoft can go screw itself...
I was using a car as an example...im sure it's obvius that an internal cumbustion motor/engine what ever you wanna call it has many more application so no assumptions...just an example.
This would not work in a traditional cumbstion motor but im sure there are was to implement it into large
electric ones...imagine a fully electric car with 4 of these (one for each wheel) about 25 hourse power each and have them cmputer controlled for traction...imagine the performance...and this type of car would probly run 3 times the distance of current electric cars...then maybe alot of people would consider replaceing there current cars.
With the right technological and scientific aproch it is posible to strore data on anything including my packet of Duck sauce i didnt use at lunch...u can write data and read data from anything and to anything...this also dosent strike me to be more reliable than a floppy disk if not even less reliable...but for the hell of it this is kinda cool...
the guy knowingly broke the law and commited involatary manslaghter...i say 5 to 10 without a drivers licence for the rest of his life to discouradge other from doing such stupid shit and posing a risk to others in the proccess...the guy is an idiot...
Slashdot Mirror
http://www.narvakitchens.com/CircleID.pdf
http://www.narvakitchens.com/Solar.pdf
Well if no one here likes IPX...how about a tinfoil hat and NetBEUI?
What is Affected? The vulnerability described in this advisory affects implementations of the Transmission Control Protocol (TCP) that comply with the Internet Engineering Task Force's (IETF's) Requests For Comments (RFCs) for TCP, including RFC 793, the original specification, and RFC 1323, TCP Extensions for High Performance. TCP is a core network protocol used in the majority of networked computer systems today. Many vendors include support for this protocol in their products and may be impacted to varying degrees. Furthermore any network service or application that relies on a TCP connection will also be impacted, the severity depending primarily on the duration of the TCP session. Severity The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Please see the vendor section below for further information. Alternatively contact your vendor for product specific information. If exploited, the vulnerability could allow an attacker to create a Denial of Service condition against existing TCP connections, resulting in premature session termination. The resulting session termination will affect the application layer, the nature and severity of the effects being dependent on the application layer protocol. The primary dependency is on the duration of the TCP connection, with a further dependency on knowledge of the network (IP) addresses of the end points of the TCP connection. The Border Gateway Protocol (BGP) is judged to be potentially most affected by this vulnerability. BGP relies on a persistent TCP session between BGP peers. Resetting the connection can result in medium term unavailability due to the need to rebuild routing tables and route flapping. Route flapping may result in route dampening (suppression) if the route flaps occur frequently within a short time interval. The overall impact on BGP is likely to be moderate based on the likelihood of successful attack. If the TCP MD5 Signature Option and anti-spoofing measures are used then the impact will be low as these measures will successfully mitigate the vulnerability. There is a potential impact on other application protocols such as DNS (Domain Name System) and SSL (Secure Sockets Layer) in the case of zone transfers and ecommerce transactions respectively, but the duration of the sessions is relatively short and the sessions can be restarted without medium term unavailability problems. In the case of SSL it may be difficult to guess the source IP address. Data injection may be possible. However, this has not been demonstrated and appears to be problematic. Summary The issue described in this advisory is the practicability of resetting an established TCP connection by sending suitable TCP packets with the RST (Reset) or SYN (Synchronise) flags set. The packets need to have source and destination IP addresses that match the established connection as well as the same source and destination TCP ports. The fact that TCP sessions can be reset by sending suitable RST and SYN packets is a design feature of TCP according to RFC 793, but a reset attack is only possible at all because the source IP address and TCP port can be forged or "spoofed". Although denial of service using crafted TCP packets is a well known weakness of TCP, until recently it was believed that a successful denial of service attack was not achievable in practice. The reason for this is that the receiving TCP implementation checks the sequence number of the RST or SYN packet, which is a 32 bit number, giving a probability of 1/232 of guessing the sequence number correctly (assuming a random distribution). The discoverer of the practicability of the RST attack was Paul A. Watson, who describes his research in his paper "Slipping In The Window: TCP Reset Attacks", presented at the CanSecWest 2004 conference. He noticed that the probability of guessing an acceptable sequence number is much higher than 1/232 because the receiving TCP implementation will accept any sequence number in a certain range (or "window") of the
to switch over to IPX
At least they could have named them something difrent...they can look and feel similar like XMMS and winamp but calling it is that is like asking for a lawsuite.
In my expereance in the feild there are too many IT workers...more than half just have that title and are totally clueless some basic things that an IT person should know...not evryone can be good in this feild and I saw many people who are just bad at what they do...1 out of 3 people are actually good at what they do but all 3 have the same title so thats why the value is low...Good people in any feild always get paid top dollar...to increase your value you have to prove that you are better thats all...
Apple is not cocky...Real is just crappy.
I think quicktime has a better thance to get into windows before real ever does....hell i bet MS will put MPlayer in there before real...Ms becames real enemy when they tried to kill them off...remember realplayer in windows 98?
I mean cmon...they have quick time wich is direct compition and better in my opinion...Quicktime is not perfect but much better than anything real haver ever come up with...if they go to microsot like they said they would they will get rejected even harder...im not try to start a flame war or anything but I never heard anyone saying anything good about real...just like all companys whos goods are not welcome they will eventually god out of buisness IMHO.
Some open source oses that would breath some new life into old computers to make them usefull again....like a patched up version of redhat 6.2> ...perhaps some customized distro that would run on a 486 with 8 mb of ram with no problem.
You prolly beat me to posting it cuz i just posted the same thing almost...I agree 100%.
Along with linux and BSD...alot of people who can't afford programs like microsoft office or photoshop and need software don't know what to do...some pirate and some buy crapware...librarys should have cds for free or for a small fee that have Gimp, Open office,Mozilla,Firebird,Filezilla,Putty,emacs,vim, etc...
for windows...that would be a great help...this great free reasource should be offered in local librarys for those who are not comfortable with switching platforms and in the future it would easier to change platforms...i mean somone gouse to walmart as an example...they see a linux box...with screen shots of the programs they know and use...much easier than looking at something and saying to yourself...whats that?
just make a bewolf cluster.
But I think what most slashdoters (Including myself) need is a turn off cumputer week...
It is posible for something like this to happen but since there are alot of big companys backing linux i dont think microsoft would personally do it...simply because there is a chance that the conspiracy would be uncovered and that would not be good for them...thats why sco is doing it...all ms did is invest in them so microsoft comes out clean on paper.
Don't really care how i write when its not something important evryone understand anyway...
Even the people who dont know anything about linux know Windows=bad...for example i was fixing one of those really abused compaqs and the dsl login and pass got lost...so i called verizon to get them...the tech guy wasnt very well trained in IT...he asked me why i deeded the the info...i sad i had for kill evrything and format cuz its pretty standard issue in windows...he said to get a mac...i told him why get a whole new comp when this one could run linux...he was puzzeled but at least he knew windows=bad.
HP said the same thing about the first PC...they were wrong then and they are wrong now...when i intruduce consumer type people to linux they love it simply because there computer dosent mess up...its funny how linux is easier for users than windows because once installed it has all the apps a user needs and those little solitareish games...not to mention security and stability...I think the Wal-Mart people are making a good move offering linux on some of the pcs they sell.
well i know the patent on fat is stupid...media can be formated with anything...and fat should be depracated because it's time for something new...perhaps a file system with more rubust metadata abilitys.
even if the paten would not get revoked altogh it should there are pleant of file systems that major company's can standardize on...it will be a pain it the ass for a little but cmon...pick one of the many better filesystems...write a driver for oses and devices and microsoft can go screw itself...
I was using a car as an example ...im sure it's obvius that an internal cumbustion motor/engine what ever you wanna call it has many more application so no assumptions...just an example.
This would not work in a traditional cumbstion motor but im sure there are was to implement it into large electric ones...imagine a fully electric car with 4 of these (one for each wheel) about 25 hourse power each and have them cmputer controlled for traction...imagine the performance ...and this type of car would probly run 3 times the distance of current electric cars ...then maybe alot of people would consider replaceing there current cars.
With the right technological and scientific aproch it is posible to strore data on anything including my packet of Duck sauce i didnt use at lunch...u can write data and read data from anything and to anything...this also dosent strike me to be more reliable than a floppy disk if not even less reliable...but for the hell of it this is kinda cool...
the guy knowingly broke the law and commited involatary manslaghter ...i say 5 to 10 without a drivers licence for the rest of his life to discouradge other from doing such stupid shit and posing a risk to others in the proccess...the guy is an idiot...