
Re: (OT kinda) Newly-discovered TCP flaw



On Thursday 11 August 2016 20:06:26 Gene Heskett wrote:
> On Thursday 11 August 2016 15:44:24 Doug wrote:
> > On 08/11/2016 12:50 PM, Gene Heskett wrote:
> > > On Thursday 11 August 2016 12:47:09 Nicolas George wrote:
> > > CC:ing emc-developers, and trinity-users who may not yet be aware of
> > > this tcp attack vector that's quite dangerous. And my post to
> > > trinity-users was in error, so this corrects it.
> > >
> > >> Le quintidi 25 thermidor, an CCXXIV, Gene Heskett a écrit :
> > >>> to add should be changed to forward slashes:
> > >>
> > >> You are wrong, sysctl supports both slashes and dots as separators.
> > >>
> > >> Regards,
> > >
> > > I changed it back Nicolas, and sysctl -p now returns:
> > > root@coyote:/etc/init.d# sysctl -p
> > > sysctl: cannot stat /proc/sys//net.ipv4.tcp_challenge_ack_limit: No
> > > such file or directory
> > >
> > > Put the slashes back and I get this:
> > > root@coyote:/etc/init.d# sysctl -p
> > > .net.ipv4.tcp_challenge_ack_limit = 999999999
> > >
> > > Which I assume is the correct response.  And yet the echo shows all
> > > dots.
> > >
> > > WTH?  Ahh, my bad, no damned biscuit, an extra leading slash snuck
> > > in. But if a dot and a slash are the same to sysctl, I should have a
> > > file in the wrong place? But I do not. /net is empty. It is in the
> > > right place now. And cats the correct value.
> > >
> > > Sorry about the confusion everybody.
> > >
> > > Cheers, Gene Heskett
> >
> > Running PCLOS. I put in the original command with dots. When I run
> > sysctl.p from a root environment I get no response, but no error
> > either. Don't know the significance of that.
> >
> > --doug
>
> Neither do I Doug, sorry. See the announcement on /. today & read the
> link to the post from the guys that found it that is in the story,
> UCsomething IIRC, see below. A closer read may answer it.
>
> <https://ucrtoday.ucr.edu/39030>
>
> And please keep things like this on the list you read it from. A PM is
> unfair to the other readers of the list you read it on, so I'll cc the
> three lists it was cross posted to as it sounds pretty serious to me.
>
> And I just noted that the sysctl command you quoted above is incorrect,
> it's sysctl -p, not sysctl.p.
>
> Maybe that helps?

I copied and pasted the commands exactly, and ran them as root, and got an 
echo of net.ipv4.tcp_challenge_ack_limit = 999999999 in response to the first 
and a blank return in response to the second.  I don't know the significance.

Lisi
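
Added example, not part of any message in this thread: shell functions that map a sysctl key to its file under /proc/sys, which accounts for the "cannot stat /proc/sys//net.ipv4.tcp_challenge_ack_limit" error quoted above, and that check whether each value in a sysctl.conf is actually live. Assumptions: sysctl lets the first separator in a key decide the style (modelled on procps sysctl); the function names, the sample config and the temporary tree standing in for /proc/sys are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: sysctl lets the FIRST
# separator in a key decide the style (modelled on procps sysctl).

# sysctl_key_to_path KEY [ROOT]: print the file a key resolves to.
sysctl_key_to_path() {
    key=$1 root=${2:-/proc/sys}
    rest=${key#"${key%%[./]*}"}          # key from its first separator on
    case $rest in
        .*) key=$(printf '%s' "$key" | tr './' '/.') ;;  # dotted: swap . and /
    esac                                  # slash-first keys are used as written
    printf '%s/%s\n' "$root" "$key"
}

# audit_sysctl_conf CONF [ROOT]: compare each "key = value" line with the
# live value; returns 1 if any key is unresolved or differs.
audit_sysctl_conf() {
    conf=$1 root=${2:-/proc/sys} rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        case $line in ''|'#'*|';'*) continue ;; *=*) ;; *) continue ;; esac
        k=$(printf '%s' "${line%%=*}" | sed 's/[[:space:]]*$//')
        want=$(printf '%s' "${line#*=}" | sed 's/^[[:space:]]*//')
        path=$(sysctl_key_to_path "$k" "$root")
        if [ ! -e "$path" ]; then
            echo "UNRESOLVED $k -> $path"; rc=1
        elif [ "$(cat "$path")" != "$want" ]; then
            echo "MISMATCH $k: live=$(cat "$path") wanted=$want"; rc=1
        else
            echo "OK $k = $want"
        fi
    done < "$conf"
    return $rc
}

# Constructed demo: a throwaway tree stands in for /proc/sys.
demo() {
    t=$(mktemp -d) && mkdir -p "$t/sys/net/ipv4" || return 1
    echo 100 > "$t/sys/net/ipv4/tcp_challenge_ack_limit"   # constructed live value
    printf '%s\n' '# constructed sysctl.conf' \
        'net.ipv4.tcp_challenge_ack_limit = 999999999' \
        '/net.ipv4.tcp_challenge_ack_limit = 999999999' > "$t/sysctl.conf"
    audit_sysctl_conf "$t/sysctl.conf" "$t/sys"; status=$?
    rm -rf "$t"; return $status
}
demo || true
```

On a real host, audit_sysctl_conf /etc/sysctl.conf reads the live values from /proc/sys without changing anything.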

