Linux TCP flaw

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi

So after reading this, felt I should apply the fix to a CentOS6 VPS that I have.
http://www.zdnet.com/article/linux-tcp-flaw-lets-anyone-hijack-internet-traffic/

The article doesn't talk about CentOS or Redhat, but I assume the problem is the same, and hoping the solution is the same.
However that doesn't seem to be the case.

[root@vps ~]# uname -r
2.6.32-042stab108.7
[root@vps ~]# sysctl -a | grep ack_limit
net.ipv4.tcp_challenge_ack_limit = 100
[root@vps ~]# vi /etc/sysctl.conf
> Append
> net.ipv4.tcp_challenge_ack_limit = 999999999
> to end of file
[root@vps ~]# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.tcp_syncookies = 1
error: permission denied on key 'net.bridge.bridge-nf-call-ip6tables'
error: permission denied on key 'net.bridge.bridge-nf-call-iptables'
error: permission denied on key 'net.bridge.bridge-nf-call-arptables'
error: permission denied on key 'net.ipv4.tcp_challenge_ack_limit'
[root@vps ~]# sysctl -a | grep ack_limit
net.ipv4.tcp_challenge_ack_limit = 100

Am I getting a permission denied because of there is a different solution, or the problem doesn't apply to our VPS or some other reason?

Regards

Andrew Dent
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux