Linux Advisory Watch - January 20, 2006

This week, advisories were released for httpd, mod_auth_pgsql, auth_ldap, ethereal,
struts, cups, gpdf, apache, and the kernel. The distributor for this week is
Red Hat.IPv6 approach for TCP SYN Flood attack over VoIP, Part V
By: Suhas Desai

In this paper, we describe and analyze a network based DoS at¬tack for IP based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection re¬quests with spoofed source addresses to a victim’s machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.

Part I
Part II
Part III
Part IV

7. Result Analysis

7.1 Most powerful and flexible L4-7 security and content networking
test solution proven for:

Firewalls, edge routers, session controllers, proxies, IDS/IPS,
VPN concentrators.
Servers, content switches/caches, load balancers, SSL accelerators

7.2 Mix real VoIP calls (H.323 & SIP) over integrated DHCP, IPSec,
PPPoE and 802.1 xs

Realistic testing, faster set-up, no need for scripting

7.3 Integrated IPv6, IPsecv6, VLAN, and SNMP support -Rapidly test
next-generation dual-stack devices and Stress the management plane at the same
time

7.4 Create a realistic mix of application traffic with H.323, SIP,
RTSP, SNMP, messaging on each test interface, DoS. /spam /virus
attacks with over 150 measurements.

8. Conclusion

This paper has described and analyzed a network based denial of
service attack, called SYN flooding. It has contributed a detailed
analysis for practical approach to application Performance validation
for VoIP application with IPv6/IPv4 configurations and TCP SYN
Flooding attacks over connection oriented networks.

To protect from DoS attacks for secure, scalable, high-availability
IPV6 services over VoIP performance above methods proven better results.
It has proved working also for spam and virus attacks over TCP
connections with network tester methods of MoonV6.

9. Acknowledgement

We would like to thank Zlata Trhulj for design documentation of IPv6
services and Network tester methods presented at North American IPv6
Coalition Meeting-Reston, VA, 25 May, 2005.

Read Article:
http://www.linuxsecurity.com/content/view/121205/49/

	Red Hat
	RedHat: Moderate: httpd security update
	17th, January, 2006 Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121220

	RedHat: Critical: mod_auth_pgsql security update
	17th, January, 2006 Updated mod_auth_pgsql packages that fix format string security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121221

	RedHat: Critical: auth_ldap security update
	17th, January, 2006 An updated auth_ldap packages that fixes a format string security issue is now available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121222

	RedHat: Moderate: ethereal security update
	17th, January, 2006 Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121223

	RedHat: Low: struts security update for Red Hat Application Server
	17th, January, 2006 Updated Red Hat Application Server components are now available including a security update for Struts. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121224

	RedHat: Important: cups security update
	17th, January, 2006 Updated CUPS packages that fix multiple security issues are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121225

	RedHat: Important: gpdf security update
	17th, January, 2006 An updated gpdf package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121226

	RedHat: Moderate: apache security update
	17th, January, 2006 Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121227

	RedHat: Important: kernel security update
	17th, January, 2006 Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/121228

RELATED ARTICLESMORE FROM AUTHOR

Xen 4.19 is released

Advancing Xen on RISC-V: key updates

AI Produces Data-driven OpenFOAM Speedup (HPC Wire)

Delivering Prime Training Deals – 2 DAYS ONLY

Why You Need to Know About Event Modeling: —An Intro

RELATED ARTICLES MORE FROM AUTHOR