TCP / DoS attempt via FreeBSD's reassembly function
(data packets with no ACK flags)
CVE-2014-3000
FreeBSD : Research Unix OS used to power modern servers, desktops, embedded platforms. (focused on features, speed, stability.)
(seems to be especially well suited as a server OS for mid-sized companies.)
(free, fast, responsive)
BSD : abbreviation of 'Berkeley Software Distribution'.
an operating system based on the source code of the original Unix developed at Bell Labs.
used to power modern servers, desktops, embedded platforms. (focused on features, speed, stability.)
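This phenomenon...
First of all, with Linux, anyone can modify the kernel..
and it stems from the fact that you can build it however you want.
The BSD family is either fully commercialized or managed by a single organization...
Because of these constraints...
it is hard to modify and redistribute it to your own taste...
This aspect of BSD can be an advantage, but...
it can also work as a disadvantage when it comes to spreading it widely, but...
BSD originally started in the pure spirit of research and development, and that is still being kept up reasonably well today.
In a word... Linux was easy to popularize...
and you could say BSD had aspects that made that difficult...
Why is Linux used more than BSD? | KLDP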
TCP : Transmission Control Protocol. (Transport protocol)
One of the main protocols of the Internet protocol suite.
TCP includes mechanisms to solve many of the problems that arise from packet-based messaging, such as lost packets, out of order packets, duplicate packets, and corrupted packets.
DoS (Denial of Service) : a cyber attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network.
[Reason]
The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefined memory access and system crash) or possibly read system memory via multiple crafted packets, related to moving a reassemble queue entry to the segment list when the queue is full.
It keeps happening until the attacker gains more information about how to access the system and take privileges.
[Solution]
- Update to the latest version.
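
To check a host against the fixed patch levels listed under [Reason], the following added example (not from the original post or from the FreeBSD project) classifies a release string as vulnerable, patched or unknown. It assumes the `uname -r` format, e.g. `9.2-RELEASE-p4`; the function names are hypothetical and the sample inputs are constructed.

```shell
#!/bin/sh
# Added example: classify a FreeBSD release string against the fixed patch
# levels this page lists for CVE-2014-3000.
# Assumed input format: what `uname -r` prints, e.g. "9.2-RELEASE-p4".

# Print the first fixed patch level for a release listed on the page,
# or nothing when the release is not listed.
fixed_patchlevel() {
    case "$1" in
        8.3)  echo 16 ;;
        8.4)  echo 9 ;;
        9.1)  echo 12 ;;
        9.2)  echo 5 ;;
        10.0) echo 2 ;;
    esac
}

# Print "vulnerable", "patched" or "unknown" for a release string.
cve_2014_3000_status() {
    rel=$1
    version=${rel%%-*}          # "9.2-RELEASE-p4" -> "9.2"
    rest=${rel#"$version"}      # "9.2-RELEASE-p4" -> "-RELEASE-p4"
    case "$rest" in
        -RELEASE)    patch=0 ;;                   # no -pN suffix means p0
        -RELEASE-p*) patch=${rest#-RELEASE-p} ;;
        *)           echo unknown; return 0 ;;    # STABLE, CURRENT, RC, other
    esac
    case "$patch" in
        ''|*[!0-9]*) echo unknown; return 0 ;;    # non-numeric patch level
    esac
    fixed=$(fixed_patchlevel "$version")
    if [ -z "$fixed" ]; then
        echo unknown                              # release not listed on the page
    elif [ "$patch" -lt "$fixed" ]; then
        echo vulnerable
    else
        echo patched
    fi
}

# Constructed sample inputs; on a real host pass "$(uname -r)" instead.
for r in 8.3-RELEASE-p15 9.2-RELEASE-p5 10.0-RELEASE 10.0-STABLE 11.0-RELEASE-p1; do
    printf '%s: %s\n' "$r" "$(cve_2014_3000_status "$r")"
done
```

`uname -r` reports the running kernel, so a host that has been updated but not rebooted still shows the old patch level.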