[dba-Tech] TCP implementation in Linux poses a serious threat to Internet users

[Jim Lawrence]

All that said I took the precaution to update all my Linux boxes. :-)

As from the article: 

1. Edited /etc/sysctl.conf file and added the line: net.ipv4.tcp_challenge_ack_limit = 999999999

2. ...And forced an immediate update: sysctl -p 

I wonder if it is necessary and if necessary whether most companies have in fact implemented the solution?
 
Jim

----- Original Message -----
From: "Jim Lawrence" <accessd at shaw.ca>
To: "Discussion of Hardware and Software issues" <dba-tech at databaseadvisors.com>
Sent: Thursday, August 11, 2016 10:57:14 AM
Subject: Re: [dba-Tech] TCP implementation in Linux poses a serious threat to	Internet users

Now that possible hack could be very serious as all our industry, government, banking and all major business back-bones are built on Linux.

OTOH, I would suspect as tradition, the Linux community, via the Linux Foundation, has been made aware of this long before the information became public and fixes have been rolling out. 

Jim 

----- Original Message -----
From: "John R Bartow" <jbartow at winhaven.net>
To: "Discussion of Hardware and Software issues" <dba-tech at databaseadvisors.com>
Sent: Thursday, August 11, 2016 10:30:28 AM
Subject: [dba-Tech] TCP implementation in Linux poses a serious threat to	Internet users

FYI:
"The Transmission Control Protocol (TCP) implementation in all Linux systems
deployed since 2012 (version 3.6 and above of the Linux kernel) poses a
serious threat to Internet users, whether or not they use Linux directly."
http://tinyurl.com/hbm6wlu


_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com