Network Computing is part of the Informa Tech Division of Informa PLC
TCP Vulnerable, But Net Won't Go Down
A flaw in the basic TCP protocol used to transmit data across the Internet quickly seized the attention of security professionals Tuesday as various government agencies and security firms posted alerts warning that an exploit could let attackers to shut down connections between servers and routers.
Experts said the vulnerability poses a serious threat, which could possibly disrupt portions of the Net, or more likely impact enterprise networks. But they also urged end users and IT security pros to remain calm.
"The Internet isn't going down tonight," promised Chris Rouland, the vice president of Internet Security Systems' X-Force threat group. "Internet infrastructure providers have been given plenty of advance notice, and have taken additional security precautions so that not just anyone can connect to them and authenticate. That's mitigated a lot of the risk.
"But even the largest companies haven't had this advance notice, and may have some work to do tonight."
According to advisories posted by the United Kingdom's National Infrastructure Security Co-ordination Centre (NISCC) and the U.S. Computer Emergency Readiness Team (US-CERT), TCP -- the Transmission Control Protocol -- contains "a vulnerability which allows remote attackers to terminate network sessions. Sustained exploitation of this vulnerability could lead to a denial of service condition...and portions of the Internet community may be affected."
Recommended For You
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.