While major alerts have been issued, the potential for attacks will most likely be isolated to specific vulnerable servers or routers rather than the entire Internet infrastructure.
The concern is that TCP/IP is used extensively for Internet and Intranet communications on a widespread basis. The primary concern is in disconnecting static BGP connections as noted in the articles.
Finally, vendors are scrambling to provide security fixes which should be appearing soonTCP/IP and Internet Security Vulnerabilities
A flaw in the most popular communications protocol for sending data on the Net could let attackers shut down connections between servers and routers
, according to an advisory released Tuesday by Britain's national emergency response team. TCP--the Transmission Control Protocol--contains a flaw that "varies by vendor and application, but in some deployment scenarios...is rated critical.
Most implementations of the Border Gateway Protocol (BGP) rely on the Transmission Control Protocol (TCP) to maintain persistent unauthenticated network sessions. There is a vulnerability in TCP which allows remote attackers to terminate network sessions.
Sustained exploitation of this vulnerability could lead to a denial of service condition; in the case of BGP systems, portions of the Internet community may be affected. Routing operations would recover quickly after such attacks ended.
Leading networking equipment vendors Cisco Systems Inc. and Juniper Networks Inc. are expected to release advisories for their customers this week that explain which of their products contain BGP code vulnerable to attack and to offer updated versions of operating system software for those devices that fix the problem.
Despite the dire warnings, the impact of the TCP hole will probably be small, Ingevaldson said. Leading networking vendors have probably been in conversation with US-CERT and the NISCC far in advance of the news becoming public, giving those companies time to prepare a patch. Also, the BGP protocol was designed to be resistant to attack and to support digital signatures using algorithms such as MD5 that can prevent spoofing, he said. "This is a serious issue because it's widespread, but there probably won't be a widespread impact,"
he said.SERIOUS TCP/IP VULNERABILITIES http://www.us-cert.gov/cas/techalerts/TA04-111A.htmlhttp://www.uniras.gov.uk/vuls/2004/236929/index.htmhttp://www.securityfocus.com/news/8499http://news.com.com/2100-1002_3-5195909.htmlhttp://www.infoworld.com/article/04/04/20/...pwarning_1.htmlCORE INTERNET TECHNOLOGY VULNERABLE TO HACKERShttp://www.securityfocus.com/news/8491http://news.com.com/2100-1009-990608.htmlhttp://www.eweek.com/article2/0,1759,1570947,00.asp