Researcher's Death Hampers TCP Flaw Fix

Researcher's Death Hampers TCP Flaw Fix 147

Posted by timothy on Wednesday April 08, 2009 @05:03PM from the sad-news-and-bad-news dept.

linuxwrangler writes "Security researcher Jack Louis, who had discovered several serious security flaws in TCP software was killed in a fire on the ides of March, dealing a blow to efforts to repair the problem. Although he kept good notes and had communicated with a number of vendors, he died before fixes could be created and prior to completing research on a number of additional vulnerabilities. Much of the work has been taken over by Louis' friend and long-time colleague Robert E. Lee. The flaws have been around for a long time and would allow a low-bandwidth 'sockstress' attack to knock large machines off the net."

Researcher's Death Hampers TCP Flaw Fix

This discussion has been archived. No new comments can be posted.

Search 147 Comments Log In/Create an Account

Comments Filter:

Original /. story (Score:3, Informative)

by stevied ( 169 ) * writes: on Wednesday April 08, 2009 @05:10PM (#27509683)

New Denial-of-Service Attack Is a Killer [slashdot.org] (01 October 2008)

Re:Robert E. Lee (Score:2, Informative)

by Anonymous Coward writes: on Wednesday April 08, 2009 @05:23PM (#27509879)

I knew jack pretty well, this flaw is legit. Robert E. Lee (aka jrl) was in fact his partner, but in many people's opinions, he rode jack's successes.
This story is really very sad, jacks passing was something that happened in the middle of the night with no warning, he was in the prime of his life and a VERY bright guy.
Robert E Lee is a real name by the way.

Here's the guy... (Score:5, Informative)

by tjstork ( 137384 ) writes: <todd DOT bandrowsky AT gmail DOT com> on Wednesday April 08, 2009 @05:36PM (#27510041) Homepage Journal

Well, everyone's having a good laugh at the expense of the death of this guy. May as well laugh at a picture of him. [unicornscan.org]

Naptha all over again (Score:4, Informative)

by drwho ( 4190 ) writes: on Wednesday April 08, 2009 @05:38PM (#27510083) Homepage Journal

This problem was demonstrated in 2000, with the NAPTHA software and its demonstration that the problem is not academic. Yes, before NAPTHA, there was some software that could demonstrate the issue but this software had issues itself (written in perl, kept state) which limited its effectiveness. SockStress is just NAPTHA revisited.
I have a fix for this problem, but there's not enough room in the margin to describe it.

Re:Naptha all over again (Score:3, Informative)

by pyrrhonist ( 701154 ) writes: on Wednesday April 08, 2009 @08:04PM (#27511977)

Can you guarantee that the fix will be rolled out to everyone at the same time?
The fix has already been rolled out long ago.
Do you know what the fix is? Source address level filtering [www.cert.fi]. It's that simple.
This attack is less of a threat than SYN flooding attacks, because the attacker's address can't be spoofed. More information from Fyodor [insecure.org].

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Researcher's Death Hampers TCP Flaw Fix 147

Researcher's Death Hampers TCP Flaw Fix More Login

Researcher's Death Hampers TCP Flaw Fix

Original /. story (Score:3, Informative)

Re:Robert E. Lee (Score:2, Informative)

Here's the guy... (Score:5, Informative)

Naptha all over again (Score:4, Informative)

Re:Naptha all over again (Score:3, Informative)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot