TCP RST attacks and Windows Servers
From: baillard (baillard_at_hotmail.com)
Date: 04/21/04
- Next message: Darrel Summers: "Re: Internet monitoring software?"
- Previous message: Bobby: "Time Issue"
- Next in thread: Doug Sherman [MVP]: "Re: TCP RST attacks and Windows Servers"
- Reply: Doug Sherman [MVP]: "Re: TCP RST attacks and Windows Servers"
- Reply: Karl Levinson [x y] mvp: "Re: TCP RST attacks and Windows Servers"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 21 Apr 2004 13:47:40 -0700
I have not seen anything yet from Microsoft about the TCP RST possible
attacks that are detailed in the following bulletins:
Technical Cyber Security Alert TA04-111A
Vulnerabilities in TCP
http://www.us-cert.gov/cas/techalerts/TA04-111A.html
SANS
http://isc.incidents.org/diary.php?date=2004-04-20&isc=9a4c61bc294b1039c8ecacff03534c2c
CVE entry: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230
Cisco announcement:
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml
If I understand correctly, an attack would affect any long term session TCP
communications. Since Windows Server 2003 and 2000 running as Domain
Controllers are not supported using IPSEC (one mentioned work around), what
possible attacks will we be facing in the future? Does standard Windows
networking (SMB) depend on this kind of communication? Can a Windows box
setup to do routing (I don't remember if RRAS supports BGP) be affected by
these kinds of attacks?
- Next message: Darrel Summers: "Re: Internet monitoring software?"
- Previous message: Bobby: "Time Issue"
- Next in thread: Doug Sherman [MVP]: "Re: TCP RST attacks and Windows Servers"
- Reply: Doug Sherman [MVP]: "Re: TCP RST attacks and Windows Servers"
- Reply: Karl Levinson [x y] mvp: "Re: TCP RST attacks and Windows Servers"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
