[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] FWD: Serious TCP Bug in Linux Systems Allows Traffic Hijacking



Dear Liste, concerned Tor relay operators, TCP abolitionists and so called network forensics experts,


We already have several tools that can detect various types of TCP injection attacks; for instance:
https://github.com/david415/HoneyBadger


For fun I'll write some TCP inference exploits as described in that most excellent paper
so everyone can enjoy blind TCP injection attacks. I'll be sure to post my results here later...
unless i get completely distracted by yet another software development project.

meow >.< 

David

On Fri, Aug 12, 2016 at 04:39:10PM +0200, Liste wrote:
> 
> https://threatpost.com/serious-tcp-bug-in-linux-systems-allows-traffic-hijacking/119804/
> 
> … The vulnerable TCP implementation (CVE-2016-5696) could affect an
> untold number of devices running Linux, including embedded computers,
> mobile phones and more. …
> 
> … Attacks can disrupt or degrade supposedly encrypted traffic, including
> connections over the Tor network, the researchers wrote. …
> 
> 
> ...Systems Allows Traffic Hijacking https://wp.me/p3AjUX-vak
> Attacks can disrupt or degrade supposedly encrypted traffic, including
> connections over the Tor network, the researchers wrote.
> 
> See more at: Serious TCP Bug in Linux Systems Allows Traffic Hijacking
> https://wp.me/p3AjUX-vak
> Attacks can disrupt or degrade supposedly encrypted traffic, including
> connections over the Tor network, the researchers wrote.
> 
> See more at: Serious TCP Bug in Linux Systems Allows Traffic Hijacking
> https://wp.me/p3AjUX-vak
> Attacks can disrupt or degrade supposedly encrypted traffic, including
> connections over the Tor network, the researchers wrote.
> 
> See more at: Serious TCP Bug in Linux Systems Allows Traffic Hijacking
> https://wp.me/p3AjUX-vak

> _______________________________________________
> tor-dev mailing list
> tor-dev@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev