4/22/2004 - InterNiche Technologies, Inc., a major supplier of Internet and network security protocols stacks used worldwide by network devices and embedded applications OEMs, announced that they have updated their NicheStack and NicheLite stacks to address the TCP Reset (RST) and SYN Attack vulnerabilities that were disclosed by the United Kingdom's National Infrastructure and Security Co-Ordination Centre. The use and effect of spoofed RST (Reset) and SYN packets on the TCP/IP Internet communications protocol was detailed in NISCC Vulnerability Advisory #236929 and in a US Department of Homeland Security alert. If exploited, these vulnerabilities could potentially allow a Denial of Service (DoS) attack on any TCP/IP session, forcing a premature termination. Any network service or application that relies on TCP/IP could be impacted.
"InterNiche has been working with the NISCC since first alerted to this vulnerability and on April 8th we informed NISCC that we had examined the scenario, had tested a patch and posted an updated version of our NicheStack IPv4, NicheStack IPv4/IPv6 Dual, and our NicheLite protocol stacks," said Brian Ramsey, Vice President of Marketing at InterNiche. "Embedded applications can be further protected with our IP Security (IPSec) security toolkits, which encrypts information at the network layer completely obscuring the 4-tuple TCP address and port information. IPSec provides authentication and other security functions that protect against spoofing and replay."
The vulnerability identified by researcher, Paul Watson, in his paper, "Slipping In The Window: TCP Reset Attacks", to be presented this week at the CanSecWest2004 security conference identified a method of spoofing TCP RST or SYN packets making TCP Reset Attacks feasible.
Systems and services with persistent TCP/IP connections and relatively easy-to-guess address and port numbers are the most vulnerable targets for this form of DoS, or a Distributed DoS attack if launched from multiple cooperating machines. Border Gateway Protocol (BGP) routers, Domain Name Servers (DNS) and well-know e-commerce sites were identified as potentially affected by this vulnerability.
InterNiche Technologies has updated its NicheStack v2.0 and NicheLite v2.0 TCP/IP protocol stack products to handle the scenarios described in NISCC Vulnerability Notice #236929. The patch is available to all InterNiche customers in accordance with the terms of their current support agreements.
InterNiche Technologies has been developing and licensing networking management and configuration software for embedded systems since 1989. Hundreds of thousands of products depend on InterNiche software as part of their core functionality. Customers include companies such as 3COM, Ericsson, Intel, Hewlett Packard, Nortel Networks, Raytheon, Samsung, Siemens, and many more. For more information please contact email@example.com or visit InterNiche on the web at www.iniche.com.
Previous Page | News by Category | News Search
If you found this page useful, bookmark and share it on: