[dba-Tech] TCP implementation in Linux poses a serious threat to Internet users

John R Bartow jbartow at winhaven.net
Thu Aug 11 15:40:31 CDT 2016 

I would think necessary and that not most companies have implemented it.

-----Original Message-----
From: dba-Tech [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of
Jim Lawrence
Sent: Thursday, August 11, 2016 1:28 PM
To: Discussion of Hardware and Software issues
Subject: Re: [dba-Tech] TCP implementation in Linux poses a serious threat
to Internet users

All that said I took the precaution to update all my Linux boxes. :-)

As from the article: 

1. Edited /etc/sysctl.conf file and added the line:
net.ipv4.tcp_challenge_ack_limit = 999999999

2. ...And forced an immediate update: sysctl -p 

I wonder if it is necessary and if necessary whether most companies have in
fact implemented the solution?
 
Jim

----- Original Message -----
From: "Jim Lawrence" <accessd at shaw.ca>
To: "Discussion of Hardware and Software issues"
<dba-tech at databaseadvisors.com>
Sent: Thursday, August 11, 2016 10:57:14 AM
Subject: Re: [dba-Tech] TCP implementation in Linux poses a serious threat
to	Internet users

Now that possible hack could be very serious as all our industry,
government, banking and all major business back-bones are built on Linux.

OTOH, I would suspect as tradition, the Linux community, via the Linux
Foundation, has been made aware of this long before the information became
public and fixes have been rolling out. 

Jim 

----- Original Message -----
From: "John R Bartow" <jbartow at winhaven.net>
To: "Discussion of Hardware and Software issues"
<dba-tech at databaseadvisors.com>
Sent: Thursday, August 11, 2016 10:30:28 AM
Subject: [dba-Tech] TCP implementation in Linux poses a serious threat to
Internet users

FYI:
"The Transmission Control Protocol (TCP) implementation in all Linux systems
deployed since 2012 (version 3.6 and above of the Linux kernel) poses a
serious threat to Internet users, whether or not they use Linux directly."
http://tinyurl.com/hbm6wlu


_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com

More information about the dba-Tech mailing list