Researchers at the University of California, Riverside (UCR) have spotted a vulnerability in the Transmission Control Protocol (TCP) of all Linux operating systems since late 2012 that enables attackers to remotely hijack users' Internet communications.
The team found a subtle "side-channel" weakness in the Linux software that allows hackers to deduce the TCP sequence numbers linked to a specific connection with no more data than the Internet Protocol (IP) addresses of the communicating parties.
The researchers say the flaw could be exploited to launch targeted attacks that monitor users' online activity, forcibly terminate a communication, commandeer a conversation between hosts, or degrade the privacy guarantee by anonymity networks such as Tor. The attack is quick and reliable, often taking less than 60 seconds and having an approximately 90% success rate.
"The unique aspect of the attack we demonstrated is the very low requirement to be able to carry it out," says UCR professor Zhiyun Qian. "Essentially, it can be done easily by anyone in the world where an attack machine is in a network that allows IP spoofing."
Qian's advice while Linux works on remediation is to apply a temporary path to both client and server hosts.
From UCR Today
View Full Article
Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA
No entries found