Firms will need to patch their networks to fix a serious
flaw in the Transmission Control Protocol (TCP) that could allow a
hacker to crash parts of the network or make them inaccessible,
according to hardware suppliers and consultants. TCP is used on the
majority of networks to enable data connections.

The government's National Infrastructure Security Co-ordination
Centre highlighted the vulnerability, posting a global alert.

Phil Cracknell, chief technology officer at security consultancy
netSurity, said the problem with TCP was a known flaw but had been
considered low-risk.

To exploit the vulnerability an attacker would have to guess a
sequence of numbers, a scenario that experts deemed highly
unlikely. But Cracknell said, "It seems that a researcher has
stumbled upon scenarios where any number of values can be used to
great effect."

Network hardware supplier Cisco said all its products that use TCP
were susceptible to this vulnerability and advised users to update
their IOS network operating system software. The vulnerability
could cause a TCP connection to break, which, Cisco said, in most
cases would cause little harm to the network.

But it warned that router-to-router connections using Border
Gateway Protocol (BGP) could be severely affected.

Richard Brain, technical director at security consultancy
Procheckup, said, "BGP relies on a permanent TCP connection between
two routers. A connection could last for minutes or even hours, so
it is more likely to be affected [by the flaw]. If exploited, a
hacker could prevent one part of a corporate network from
communicating with another part."

Applying patches might not be a straightforward process. Chris
Anley, joint founder of security testing company NGS Software,
said, "Companies attempting to close the gaps may find they have to
prevent some users getting access to their networks while they
upgrade the operating software on their routers and switches. This
may lead to network outages for some as it is a major task."