Sockstress is able to cause internet meltdown

A rather dangerous security flaw which can cause major havoc on the ability to deliver internet services has been discovered. A team of security researchers have discovered a security flaw in the protocol called TCP. TCP is the blood that flows through the internet. Without TCP the internet would not function as we know it.

To investigate this security flaw, an application called Sockstress has been created. This application has the ability to crash routers, Firewalls, Web Servers, Windows Servers and even Linux servers. This is a serious cross platform flaw which affects any internet device which offers internet based services. Even your small webserver sitting behind your broadband router is affected.

It works by causing what is known as a DOS (Denial of Service ) attack. This means the server will no longer be able to function or offer websites, Email or any internet based services.

It works by causing the internet server to consume large amounts of resources, and then it runs out of resources and stops working. Resources are things like Memory and Disc space. Every connection that is made to a internet servers requires resources. When a new connection is made , the servers will allocate resources for that connection. The more connections that are made, the more resources are allocated.

Sockstress creates connections to the internet server, then does nothing with them. The internet server then keeps asking “Can you use the connection now ?” and the answer is always no. And at the same time new connections are being made, and the process gets repeated. Eventually the server runs out of resources to offer to real customers, and it dies.

Think of it like this.

A few people telephone a restaurant and reserve a table. The restaurant reserves the table for that person. These people keep doing this over a period of time pretending to be different people. The restaurant reserves all it’s tables, calls in extra staff, cancels staff vacations and starts refusing real customers because all tables are reserved.

These trickster people who have made these reservations do not turn up and the restaurant tries to contact these people to see what’s happening. Some people can be contacted and they insist that they are coming, please do not unreserve my table.

During all this, the restaurant is no longer accepting reservations from real customers. The real customers have been denied service. Hence the term DOS “Denial Of Service” attack

This is a very simplistic view, but it conveys the principal of how the attack works.

I’m sure a workaround will be created soon, However at the moment we don’t have one, and the internet is as risk.

http://www.t2.fi/2008/08/27/jack-c-louis-and-robert-e-lee-to-talk-about-new-dos-attack-vectors/


Comments:

Leave a comment
You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



Search

Recent Posts

Recent Comments

Older Posts