Apple acts to fix MacOS 9 security flaw
OS leaves DSL, cable modem users open to denial of service attacks
Apple last night released a patch to fix a glitch within MacOS 9's Open Transport networking software that leaves Macs open to denial of service (DOS) attacks from hackers.
According to MacWeek, Open Transport's DOS problem only affects Macs that are connected full-time to the Net and running version 9 of the Mac OS. It was uncovered by Prof. John Copeland, head of the School of Electrical and Computer Engineering at the Georgia Institute of Technology.
Copeland told MacWeek that hackers can send a 29-byte packet of data to cable and DSL networks - Macs running pre-patched MacOS 9 will essentially respond with their addresses, which if fired back rapidly and continuously will overload the target's connection and bring it down. This kind of DOS attack is harder to beat than more common kinds, said Copeland, because it takes place over a distributed network. He also said he was aware that some cable and DSL networks have already been scanned for susceptible machines but hasn't yet seen any attacks perpetrated this way. ®