The Warring States of NPF


Bob The Mercenary 10-01-2008 10:01 PM

Devastating new "killer" DOS attack with no solution
 
http://www.darkreading.com/blog.asp?...T.svl=tease2_2

Quote:

A couple of years ago, Jack found some anomalies in which machines would stop working in some very specific circumstances while being [port] scanned. A few experiments, tons of reading through documentation, and one mysteriously named tool called "sockstress" later, and the two are now touting a nearly universal denial-of-service (DoS) attack that can be performed on almost any normal broadband Internet connection -- in just a few seconds.

How bad is it? Well, in an interview --- (fast-forward five minutes in to hear it in English), the two were asked if they could take out a data center. While they've never tried, it appears to be a totally plausible attack. Worse yet, unlike most DoS attacks, the machines often do not come back online once the attack is over. The victim system just doesn’t respond any more. Great, huh?
And there's no fix.

The interview is incredibly in-depth, but they understandably never get into anything describing exactly how the attacks are carried out, just what they do. From the parts I could understand, being brand new to network security, the least intricate of the attacks in their "suite" is a simple denial of service attack that incites the attacked system into attempting to connect to the attacker over and over again, depleting a specific resource of the attacked computer. However, the more involved attacks take advantage of timers inside the kernel by faking connection problems on the attacker's end (using up to thousands of concurrent TCP connections) and having the victim computer send back thousands of staggered reconnection requests.

They talk about how a few attacks cause the victim system to freeze up and reboot to a screen that displays "no operating system found". Basically, this attack can not only interfere with, but also corrupt the target. And it gets worse: it affects anything with a TCP stack. Routers and firewalls are useless against it and can actually make it worse.

This is worst case of course, and I'm glad right now only good guys know how to execute it, but this last line just chills me.
Quote:

I feel winter slowly coming, and it would be a shame if entire power grids could be taken offline with a few keystrokes, or if supply chains could be interrupted. I hear it gets awfully cold in Scandinavia.

FloralVikings 10-01-2008 10:34 PM

That's... That's scary.

bluestarultor 10-01-2008 10:50 PM

That's... freaky.

Was reading up on alternatives. SCTP sounds promising.

Not to throw the baby out with the bathwater, but TCP hasn't changed since the 70s at its core. Unless they're willing to change and fix it, alternatives probably wouldn't hurt.

Eltargrim 10-01-2008 11:23 PM

Well, I have two three thoughts.

First is, well, damn.

Second is kudos to these two, both for finding it and handling it in a responsible manner. Can you imagine the chaos if this was made available to the open net?

Third is basically an echo of what Blue stated above. This should be the impetus we use to upgrade an integral part of our communications network; let's not wait until there's a crash (See: 2003 blackout, Black September, etc.).

Bells 10-01-2008 11:40 PM

But of course, since this news is out... now we have hackers all over the world willing to find some way to figure this out for themselves.

You know... you don't need the blueprint to invent the wheel twice.

Eltargrim 10-01-2008 11:47 PM

Which is why I hope the suggestions they're making can be implemented, and quickly. God knows we need it.

Mike McC 10-01-2008 11:48 PM

Something seems suspicious about all of this. I just get that vibe.

EDIT: Oh, look at that, the internet exaggerates.
Quote:

Originally Posted by Robert E. Lee
4) "Systems furthermore will remain unresponsive after an attack"

That is only true in very specific circumstances. The more universal case is that the service under attack will remain unresponsive as long as the attack continues.


Zilla 10-02-2008 01:22 PM

There's no way someone would find this and not sell it on the black market for hundreds of millions of dollars. Everyone has a price tag.

bluestarultor 10-02-2008 01:47 PM

Quote:

Originally Posted by Zilla (Post 846240)
There's no way someone would find this and not sell it on the black market for hundreds of millions of dollars. Everyone has a price tag.

Believe it or not, that's not true. If a person feels strongly enough about something, money just doesn't compare. In the same way a person might give their life for something they believe in or someone they care about, there will be some things they will feel strongly enough about to refuse any amount of money.

Like with the sole producers of artificial rubies(?). They're these two little old ladies who've kept the process a secret, and intentionally add in a chemical to make the manufactured stones fluoresce in black light. Some guy offered them a crazy amount of money to make one batch without the additive and they flat-out refused.

Frankly, I think the people who know about this realize the importance of the many over their own desire for money. They're scrambling to get people to fix the issues BEFORE the information gets out. Because they know now that people know there's an issue, it's only a matter of time before someone else figures it out and puts it up to no good.

Mike McC 10-02-2008 06:51 PM

Quote:

Originally Posted by Zilla (Post 846240)
There's no way someone would find this and not sell it on the black market for hundreds of millions of dollars. Everyone has a price tag.

I don't think "Oh, here's something that's a particularly effective DoS attack that has a small chance of disabling the target system" would sell for that much on the "black market" (Black market? What is this, some cheesy pulpy crappy spy/cyber-punk/cyber-punk spy novel?). Really, the article extremely exaggerates the effectiveness of this. It's still a pretty nasty thing, but nothing that disconnecting the PC won't resolve in most cases.

