This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature

Linux Advisory Watch - January 20, 2006

By Benjamin D. Thomas on January 20, 2006 (8:00:00 AM)

Share    Print    Comments   

This week, advisories were released for httpd, mod_auth_pgsql, auth_ldap, ethereal, struts, cups, gpdf, apache, and the kernel. The distributor for this week is Red Hat.
IPv6 approach for TCP SYN Flood attack over VoIP, Part V
By: Suhas Desai

In this paper, we describe and analyze a network based DoS at¬tack for IP based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection re¬quests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.

Part I
Part II
Part III
Part IV

7. Result Analysis

7.1 Most powerful and flexible L4-7 security and content networking test solution proven for:

  • Firewalls, edge routers, session controllers, proxies, IDS/IPS, VPN concentrators.
  • Servers, content switches/caches, load balancers, SSL accelerators

7.2 Mix real VoIP calls (H.323 & SIP) over integrated DHCP, IPSec, PPPoE and 802.1 xs

  • Realistic testing, faster set-up, no need for scripting

7.3 Integrated IPv6, IPsecv6, VLAN, and SNMP support -Rapidly test next-generation dual-stack devices and Stress the management plane at the same time

7.4 Create a realistic mix of application traffic with H.323, SIP, RTSP, SNMP, messaging on each test interface, DoS. /spam /virus attacks with over 150 measurements.

8. Conclusion

This paper has described and analyzed a network based denial of service attack, called SYN flooding. It has contributed a detailed analysis for practical approach to application Performance validation for VoIP application with IPv6/IPv4 configurations and TCP SYN Flooding attacks over connection oriented networks.

To protect from DoS attacks for secure, scalable, high-availability IPV6 services over VoIP performance above methods proven better results. It has proved working also for spam and virus attacks over TCP connections with network tester methods of MoonV6.

9. Acknowledgement

We would like to thank Zlata Trhulj for design documentation of IPv6 services and Network tester methods presented at North American IPv6 Coalition Meeting-Reston, VA, 25 May, 2005.

Read Article:
http://www.linuxsecurity.com/content/view/121205/49/


   Red Hat
  RedHat: Moderate: httpd security update
  17th, January, 2006

Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

 
  RedHat: Critical: mod_auth_pgsql security update
  17th, January, 2006

Updated mod_auth_pgsql packages that fix format string security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

 
  RedHat: Critical: auth_ldap security update
  17th, January, 2006

An updated auth_ldap packages that fixes a format string security issue is now available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team.

 
  RedHat: Moderate: ethereal security update
  17th, January, 2006

Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

 
  RedHat: Low: struts security update for Red Hat Application Server
  17th, January, 2006

Updated Red Hat Application Server components are now available including a security update for Struts. This update has been rated as having low security impact by the Red Hat Security Response Team.

 
  RedHat: Important: cups security update
  17th, January, 2006

Updated CUPS packages that fix multiple security issues are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team.

 
  RedHat: Important: gpdf security update
  17th, January, 2006

An updated gpdf package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

 
  RedHat: Moderate: apache security update
  17th, January, 2006

Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

 
  RedHat: Important: kernel security update
  17th, January, 2006

Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

 

Share    Print    Comments   

Comments

on Linux Advisory Watch - January 20, 2006

Note: Comments are owned by the poster. We are not responsible for their content.

what the heck?

Posted by: Anonymous Coward on January 22, 2006 08:45 AM
The first line lures people in with "This week, advisories were released for httpd, mod_auth_pgsql, auth_ldap, ethereal, struts, cups, gpdf, apache, and the kernel. The distributor for this week is Red Hat."

The entire article is about TCP SYN floods in IPV6. Nothing from the first line is mentioned even once.

Was someone in a hurry to get out by 5PM on Friday?

#

Re:what the heck?

Posted by: Anonymous Coward on January 23, 2006 06:54 AM
The Red Hat advisories are listed below the article.

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya