Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1011
Views
0
Helpful
1
Replies

Outpost24 TCP Issues

steven_geerts
Level 1
Level 1

‎10-20-2008 09:01 PM

Hi Karl,

last week we received the following threath warning (from a reliable source):
Threat:

Outpost24 announced a threat two weeks ago about the TCP/IP stack, the impact of this threat is very high and involving all TCP/IP network based systems.
This information is confirmed by organizations as Govcert, Fox-IT, etc.
On the 17th of October 2008 detailed information will be presented to the world on a technology conference and there could be a higher change of exploitation (based on the amount of information which will be released).

Major vendors like Microsoft, Cisco, IBM, etc. are informed and are working on a solutions, until now there are no patches or solutions available.

Impact:
Systems which are attacked will go down, this includes all TCP/IP related environments

Worst case scenario:
The exploit will be available before patching. If we are attacked this could result in a Denial Of Service (DOS) most likely on our internet infrastructure.


Is this threat know by Ironport and do is there a roadmap for patching?

Thanks!

Steven

Labels:
0 Helpful
1 Reply 1

karlyoun
Level 1
Level 1

‎10-20-2008 10:16 PM

Steven

I started a new topic to cover this. This report is new, and is still being investigated. Here is a link to Cisco's current response:

http://www.cisco.com/warp/public/707/cisco-sr-20081017-tcp.shtml

And here is the latest from CERT (also linked in the Cisco response):

https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html]

I am working with the IronPort Security Team to get a response. I will post here, and in the Security section of the IronPort Support Portal as soon as I have more information.

Karl Young
Email Security Product Support Engineer
IronPort Systems


Hi Karl,

last week we received the following threath warning (from a reliable source):
Threat:

Outpost24 announced a threat two weeks ago about the TCP/IP stack, the impact of this threat is very high and involving all TCP/IP network based systems.
This information is confirmed by organizations as Govcert, Fox-IT, etc.
On the 17th of October 2008  detailed information will be presented to the world on a technology conference and there could be a higher change of exploitation (based on the amount of information which will be released).

Major vendors like Microsoft, Cisco, IBM, etc. are informed and are working on a solutions, until now there are no patches or solutions available.

Impact:
Systems which are attacked will go down, this includes all TCP/IP related environments

Worst case scenario:
The exploit will be available before patching. If we are attacked this could result in a Denial Of Service (DOS) most likely on our internet infrastructure.


Is this threat know by Ironport and do is there a roadmap for patching?

Thanks!

Steven

0 Helpful
Customers Also Viewed These Support Documents