Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Incident Response, TDR, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Researchers discover TCP flaw that brings devices to their knees

A pair of Swedish researchers said this week that they have discovered a fundamental flaw in the transmission control protocol (TCP) -- an underlying internet protocol -- that could result in widespread denial-of-service attacks.

TCP, along with IP, are the protocols used to send information over the internet, for example, between a web browser and a web server.

Robert Lee and Jack Louis of Outpost24 said during a Swedish podcast that they were running their penetration testing port scanner when they discovered the problem, which involves the way machines handle TCP connection requests.

"It would lead you sometimes to hit network windows where the connectivity was bad where you would experience packet loss," Louis said.

This caused certain stacks "to end up in strange states...when there was packet loss," he said.

The result was a denial-of-service condition.

"[The port scanner] would retransmit certain packets over and over again until the device actually rebooted," said Lee, Outpost's CSO.

The two men currently are organizing a multi-vendor effort to fix the problem. No patch or workaround exists.

The researchers said they originally discovered the flaw in 2005 but decided to come forward now considering the risk may grow, especially if IPv6, the latest internet layer protocol, becomes a dominant factor.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.