October 1, 2008 was a dark day. Not because the stocks went on a wild ride, crashing and thrashing any thought of retirement. No, October 1 was much worse.

While we are all patiently waiting for the full disclosure some time around the 16th, the basics released are that TCP has been shown universally vulnerable to denial of service attack using as few as a handful of bots. Back in the beautifully naive days of September, a denial of service attach (DOS) required thousands to millions of computers programed to launch their assault at an unsuspecting target. This was mostly achieved by various techniques including flooding the target server with enormous amounts of initial connections (SYN), then abandoning the conversation. Back then, it took effort to take a system down.

Flash forward to black Wednesday, the new techniques discovered allows this same effect with 9 - 10 connection attempts, a small enough number that the entire attack could be carried out from a single machine. Such an effect could prove disastrous for web sites, national security, and our prized waffle recipe.

So, is this the end of the world, or just media hype? Well, since all of the attacks being discussed are theoretical, the only way to really know is wait for full disclosure at the T2 conference in Helsinki, Finland on October 16 - 17 2008.

For up to date news on this issue: <a href='http://blog.robertlee.name/'>see Robert Lee's blog on Sock Stress</a>.

Add a comment

Posted by on October 7, 2008 1:01:00 AM CDT #