[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: (OT kinda) Newly-discovered TCP flaw



On 08/11/2016 11:46 AM, Curt wrote:
On 2016-08-11, Reco <recoverym4n@gmail.com> wrote:
	Hi.

On Thu, Aug 11, 2016 at 03:55:56PM +0000, Curt wrote:

http://www.pcworld.com/article/3106180/security/use-the-internet-this-linux-flaw-could-open-you-up-to-attack.html?google_editors_picks=true

Calling all experts: cause for concern?

Debian stable is affected.

If you're relying on HTTP or FTP - you're screwed. If you prefer HTTPS
and SSH - it does not concern you.

To workaround the problem, use (/etc/sysctl.conf is preferred):

sysctl -w net.ipv4.tcp_challenge_ack_limit=999999999

Thank you very much for this.

To solve the problem you should wait until Debian-provided kernels gain
a backport for CVE-2016-5696.


And how will one know when to remove this patch? Or rather what effect will it have if it never is removed?

Hugo




Reply to: