Re: (OT kinda) Newly-discovered TCP flaw
On Thursday 11 August 2016 11:55:56 Curt wrote:
> http://www.pcworld.com/article/3106180/security/use-the-internet-this-
>linux-flaw-could-open-you-up-to-attack.html?google_editors_picks=true
>
> Calling all experts: cause for concern?
I do not know if wheezy is/can be affected, however the fix promulgated
by the link to the UCR announcement is wrong, at least for my wheezy
install, in that when I investigated my machine, the dots in that
string:
net.ipv4.tcp_challenge_ack_limit = 999999999
to add should be changed to forward slashes:
net/ipv4/tcp_challenge_ack_limit = 999999999
as that is the directory structure on this wheezy based machine, and then
the following update command:
sysctl -p
works w/o error. All done as root of course.
No clue if the fix works, I haven't been attacked that I am aware of.
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
Reply to: