2.6 DoS Vulnerability!
Turn off iptables logging now until the fix (update to kernel >= 2.6.8) is made.
The story appeared on TheAge Quote:
HERE is the security announcement from Suse. |
Additional advisory info: http://secunia.com/advisories/11202/
|
Re: 2.6 DoS Vulnerability!
Quote:
|
So does that mean that if iptables is loaded as a module (i.e. not built in to the kernel), you aren't vulnerable?
You are vulnerable. It apparently is about the part of the Netfilter framework code that logs (IP and TCP) protocol options. Therefore it does not matter if it is built in into the kernel or loaded as module. Upgrading the kernel is your only option. The workaround is to disable all logging of IP and TCP options (see SuSE advisory). |
Another fun day spend upgrading kernels on multiple servers. :rolleyes:
|
Edit: oops... already been answered.. ignore me.
|
this is why i like freebsd:D
|
Quote:
ftp://ftp.freebsd.org/pub/FreeBSD/CE...-04:04.tcp.asc Probably could have picked alot better things to flame about. |
Sorry, Ignore me pls.
|
Re: 2.6 DoS Vulnerability! slash Yast update
Running the Yast update on Suse solve this problems?
Automatically updating the kernel... |
Running YOU will likely fix the issue, if SuSE has released a patch for it. Check the SuSE site for what security patches they are putting out or instructions related to the vulnerability.
|
Moderator note: Merging this thread with the original. Please respond to it there rather than starting a new thread. Thanks.
|
Quote:
ha! |
All times are GMT -5. The time now is 09:30 PM. |