Re: (OT kinda) Newly-discovered TCP flaw

To: debian-user@lists.debian.org
Subject: Re: (OT kinda) Newly-discovered TCP flaw
From: Curt <curty@free.fr>
Date: Thu, 11 Aug 2016 16:46:47 +0000 (UTC)
Message-id: <[🔎] slrnnqpavo.67r.curty@einstein.electron.org>
References: <[🔎] slrnnqp80d.67r.curty@einstein.electron.org> <[🔎] 20160811162119.GA19111@e1030>

On 2016-08-11, Reco <recoverym4n@gmail.com> wrote:
> 	Hi.
>
> On Thu, Aug 11, 2016 at 03:55:56PM +0000, Curt wrote:
>> 
>> http://www.pcworld.com/article/3106180/security/use-the-internet-this-linux-flaw-could-open-you-up-to-attack.html?google_editors_picks=true
>> 
>> Calling all experts: cause for concern?
>
> Debian stable is affected.
>
> If you're relying on HTTP or FTP - you're screwed. If you prefer HTTPS
> and SSH - it does not concern you.
>
> To workaround the problem, use (/etc/sysctl.conf is preferred):
>
> sysctl -w net.ipv4.tcp_challenge_ack_limit=999999999

Thank you very much for this. 

> To solve the problem you should wait until Debian-provided kernels gain
> a backport for CVE-2016-5696.
>
> Reco
>
>


-- 
Même l’avenir n’est plus ce qu’il était. 
Paul Valéry

Reply to:

Follow-Ups:
- Re: (OT kinda) Newly-discovered TCP flaw
  - From: Hugo Vanwoerkom <hvw59601@care2.com>

References:
- (OT kinda) Newly-discovered TCP flaw
  - From: Curt <curty@free.fr>
- Re: (OT kinda) Newly-discovered TCP flaw
  - From: Reco <recoverym4n@gmail.com>

Prev by Date: Re: Debian server for backups of Windows clients
Next by Date: Re: The DISPLAY variable.
Previous by thread: Re: (OT kinda) Newly-discovered TCP flaw
Next by thread: Re: (OT kinda) Newly-discovered TCP flaw
Index(es):
- Date
- Thread