Linux Advisory Watch – January 20, 2006

44

Author: Benjamin D. Thomas

This week, advisories were released for httpd, mod_auth_pgsql, auth_ldap, ethereal,
struts, cups, gpdf, apache, and the kernel. The distributor for this week is
Red Hat.IPv6 approach for TCP SYN Flood attack over VoIP, Part V
By: Suhas Desai

In this paper, we describe and analyze a network based DoS at¬tack for IP based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection re¬quests with spoofed source addresses to a victim’s machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.

Part I
Part II
Part III
Part IV

7. Result Analysis

7.1 Most powerful and flexible L4-7 security and content networking
test solution proven for:

  • Firewalls, edge routers, session controllers, proxies, IDS/IPS,
    VPN concentrators.
  • Servers, content switches/caches, load balancers, SSL accelerators

7.2 Mix real VoIP calls (H.323 & SIP) over integrated DHCP, IPSec,
PPPoE and 802.1 xs

  • Realistic testing, faster set-up, no need for scripting

7.3 Integrated IPv6, IPsecv6, VLAN, and SNMP support -Rapidly test
next-generation dual-stack devices and Stress the management plane at the same
time

7.4 Create a realistic mix of application traffic with H.323, SIP,
RTSP, SNMP, messaging on each test interface, DoS. /spam /virus
attacks with over 150 measurements.

8. Conclusion

This paper has described and analyzed a network based denial of
service attack, called SYN flooding. It has contributed a detailed
analysis for practical approach to application Performance validation
for VoIP application with IPv6/IPv4 configurations and TCP SYN
Flooding attacks over connection oriented networks.

To protect from DoS attacks for secure, scalable, high-availability
IPV6 services over VoIP performance above methods proven better results.
It has proved working also for spam and virus attacks over TCP
connections with network tester methods of MoonV6.

9. Acknowledgement

We would like to thank Zlata Trhulj for design documentation of IPv6
services and Network tester methods presented at North American IPv6
Coalition Meeting-Reston, VA, 25 May, 2005.

Read Article:
http://www.linuxsecurity.com/content/view/121205/49/


   Red
Hat
  RedHat: Moderate: httpd security update
  17th, January, 2006

Updated Apache httpd packages that correct three security issues
are now available for Red Hat Enterprise Linux 3 and 4. This update has
been rated as having moderate security impact by the Red Hat Security
Response Team.

 
  RedHat: Critical: mod_auth_pgsql security
update
  17th, January, 2006

Updated mod_auth_pgsql packages that fix format string security
issues are now available for Red Hat Enterprise Linux 3 and 4. This update
has been rated as having critical security impact by the Red Hat Security
Response Team.

 
  RedHat: Critical: auth_ldap security
update
  17th, January, 2006

An updated auth_ldap packages that fixes a format string security
issue is now available for Red Hat Enterprise Linux 2.1. This update has
been rated as having critical security impact by the Red Hat Security
Response Team.

 
  RedHat: Moderate: ethereal security update
  17th, January, 2006

Updated Ethereal packages that fix various security vulnerabilities
are now available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.

 
  RedHat: Low: struts security update for
Red Hat Application Server
  17th, January, 2006

Updated Red Hat Application Server components are now available
including a security update for Struts. This update has been rated as
having low security impact by the Red Hat Security Response Team.

 
  RedHat: Important: cups security update
  17th, January, 2006

Updated CUPS packages that fix multiple security issues are
now available for Red Hat Enterprise Linux. This update has been rated
as having important security impact by the Red Hat Security Response Team.

 
  RedHat: Important: gpdf security update
  17th, January, 2006

An updated gpdf package that fixes several security issues is
now available for Red Hat Enterprise Linux 4. This update has been rated
as having important security impact by the Red Hat Security Response Team.

 
  RedHat: Moderate: apache security update
  17th, January, 2006

Updated Apache httpd packages that correct a security issue
are now available for Red Hat Enterprise Linux 2.1. This update has been
rated as having moderate security impact by the Red Hat Security Response
Team.

 
  RedHat: Important: kernel security update
  17th, January, 2006

Updated kernel packages that fix several security issues in
the Red Hat Enterprise Linux 4 kernel are now available. This security
advisory has been rated as having important security impact by the Red
Hat Security Response Team.