-----BEGIN PGP SIGNED MESSAGE----- =============================================================================== Security Advisory CERT-NL =============================================================================== Author/Source : Teun Nijssen Index : S-98-80 Distribution : World Page : 1 Classification: External Version: 1 Subject : tcp-denial-of-service Date : 22-Dec-98 =============================================================================== By courtesy of CERT Coordination Center we received the following information. CERT Coordination Center advisory CA-98-13 reports a vulnerability in certain BSD derived TCP/IP stacks. This vulnerability allows hackers to disrupt services or even crash computers. It is similar to the 1997 'Teardrop' attack. This advisory provides a list of vulnerable and unaffected systems. CERT-NL recommends to check the status of your systems using the CERT/CC list and to apply patches as needed. Not only for this attack, but in general, CERT-NL advises to configure your routers and firewalls to reject spoofed IP packets. All CERT Coordination Center advisories and README's are mirrored by CERT-NL. The specific URL's for this case are: ftp://ftp.surfnet.nl/surfnet/net-security/cert-cc-mirror/cert_advisories /CA-98-13-tcp-denial-of-service (note the spelling: not CA-98.13 with a dot) More information about the CERT-NL mirror and notifier services is contained in News items N-95-01 (notifier) and N-95-02 (CERT mirror), both present on ftp://ftp.surfnet.nl/surfnet/net-security/cert-nl/docs/news/ ============================================================================== CERT-NL is the Computer Emergency Response Team for SURFnet customers. SURFnet is the Dutch network for educational, research and related institutes. CERT-NL is a member of the Forum of Incident Response and Security Teams (FIRST). All CERT-NL material is available under: http://www.surfnet.nl/surfnet/security/cert-nl.html ftp://ftp.surfnet.nl/surfnet/net-security In case of computer or network security problems please contact your local CERT/security-team or CERT-NL (if your institute is NOT a SURFnet customer please address the appropriate (local) CERT/security-team). CERT-NL is one/two hour(s) ahead of UTC (GMT) in winter/summer, i.e. UTC+0100 in winter and UTC+0200 in summer (DST). Email: cert-nl@surfnet.nl ATTENDED REGULARLY ALL DAYS Phone: +31 302 305 305 BUSINESS HOURS ONLY Fax: +31 302 305 329 BUSINESS HOURS ONLY Snailmail: SURFnet bv Attn. CERT-NL P.O. Box 19035 NL - 3501 DA UTRECHT The Netherlands NOODGEVALLEN: 06 52 87 92 82 ALTIJD BEREIKBAAR EMERGENCIES : +31 6 52 87 92 82 ATTENDED AT ALL TIMES CERT-NL'S EMERGENCY PHONENUMBER IS ONLY TO BE USED IN CASE OF EMERGENCIES: THE SURFNET HELPDESK OPERATING THE EMERGENCY NUMBER HAS A *FIXED* PROCEDURE FOR DEALING WITH YOUR ALERT AND WILL IN REGULAR CASES RELAY IT TO CERT-NL IN AN APPROPRIATE MANNER. CERT-NL WILL THEN CONTACT YOU. ============================================================================== -----BEGIN PGP SIGNATURE----- Version: PGP 6.0 iQCVAwUBNn9t0VpSTqmIRWKVAQFDCwQApzB90pJ+LzSoxSCPdRR4P1RtnX9uNi5u e3dy6JSglsJV8R58KWuS+9GXNLAUco7+WMT7oSFe/+pgimHa3SlS5IKYwi8kESaw 5XDZeFIyucE06eukmhfv9H3jKZextCgp3cKL+ctW0vSxZ0LnPbPOE8XdCpc713W1 1A7M+x81D1A= =hy++ -----END PGP SIGNATURE-----