Skip to content
October 3, 2008 / technocrawl

Flaw in TCP Stack leads to Massive DoS Attack

Multiple flaws have been found in TCP stack, and when exploited, this will lead to massive DoS attack.

Two Researchers in Sweden found this and there is no patch for this yet. The discovery follows a test using a port scanner called ‘Unicornscan’, which Lee and senior security researcher Jack Louis created.

“Jack found some anomalies in which machines would stop working in some very specific circumstances while being scanned,” Lee told CNET News.com. One of the behaviours experienced was packet loss, where the packets repeatedly kept trying, creating, more or less, a denial of service (DoS) on that machine.

To exploit the flaws, to see if the TCP vulnerabilities were real, Lee and Louis created a program called ‘Sockstress’ that intentionally did some wrong things with the TCP/IP handshake process. The Sockstress program was very effective in producing DoS attacks. The pair have no plans to release Sockstress.

If this was the case, then this flaw would be a wet dream for Hackers to craft an exploit code to launch DoS attacks on millions of sites.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: