Skip navigation

Windows TCP/IP Woes

The Land attack method has been known to the public at least since November 1997. When a Windows system receives a SYN packet which contains the same source and destination address the packet could cause a minor denial of service. Microsoft has long since issued a patch to fix that problem in IPv4 but the company's IPv6 implementation is still vulnerable.

On May 16 Konrad Malewski reported to readers of the NTBugTraq mailing list that according to his tests Windows Server 2003 and Windows XP (even with all the latest operating system updates installed) are both vulnerable to Land attacks against IPv6. Malewski also reported that the Land attack works against IPv4 in Microsoft's next generation Windows platform (code named Longhorn) which is still in development. Malewski said that he notified Microsoft of his discoveries.

In somewhat related news, Microsoft issued an advisory on May 18, "
Vulnerability in TCP Could Allow Connection Reset ," where the company said it is aware that a remote intruder could set abitrary timer values for a TCP connection, which could effectively be used to reset open TCP connections. According to Microsoft the problem is fixed on systems that use Windows XP SP2 and Windows Server 2003 SP1, or systems that have the MS05-019 security update installed. Microsoft also said that in June it will re-released MS05-019 to address another known network connectivity issues that affect Microsoft Terminal Server, Exchange Server, and some domain controllers.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.