Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Use the internet? This Linux flaw could open you up to attack

Katherine Noyes | Aug. 11, 2016
'It can be done easily by anyone in the world,' one researcher says

“A side-channel attack capable of predicting TCP sequence numbers is a pretty serious problem," said Craig Young, security researcher for Tripwire, via email.

One potential result is to allow attackers to launch the kind of TCP hijacking attacks that were so prominent in the 1990s hacking scene, Young said.

Kevin Mitnick rose to fame during that era for performing what's known as session hijacking by exploiting TCP's vulnerabilities at the time.

"Back then the problem was that many computers would generate initial sequence values from the clock, thereby greatly reducing the number of guesses needed to take control of a remote session," Young said.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.