Feeds

Linux kernel DoS risk under the spotlight

Don't be too alarmed

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

There is a potentially troublesome denial of service risk linked to a vuln in the Linux 2.4 kernel, concerning the cacheing of routing information.

A Red Hat advisory on the problem explains: "A remote attacker could send packets with carefully chosen, forged source addresses in such a way as to make every routing cache entry get hashed into the same hash chain. The result would be that the kernel would use a disproportionate amount of processor time to deal with new packets, resulting in a remote denial of service attack."

Red Hat has issued updated kernel packages.

An advisory by security outfit Secunia provides a list of other affected Linux distributions (too numerous to list here). An official patch or update for the Linux Kernel is yet to be made available, according to Secunia.

However workarounds are available and there's little evidence that the vulnerability has been maliciously exploited, at least for now. ®

Remote control for virtualized desktops

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.