Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Cisco releases fix to a protocol flaw

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

April 21, 2004

Cisco has released a fix to a flaw in a popular communications protocol that some experts said could take down the Net and has announced a new, unrelated security bug. After the United Kingdom's National Infrastructure Security Co-ordination Centre sent out an advisory Tuesday describing the problem, Cisco and several other vendors acknowledged that their products could be affected by the flaw.

Cisco posted an alert to customers on its Web site and provided information for obtaining updated software. The problem affects a broad range of Cisco products, from its Internet Protocol routers and Ethernet switches to its optical, Internet Protocol telephony and storage products, according to the warning.

Other vendors, including Juniper Networks and Check Point Software Technologies, also have posted warnings and information regarding software updates on their Web sites.

As reported earlier by CNET, the vulnerability found in TCP--the Transmission Control Protocol--allows for what's known as a reset attack. Many network appliances and software programs rely on a continuous stream of data from a single source called a session. Prematurely ending the session can cause a wide variety of problems for devices.

Unrelated to the TCP issue, Cisco also warned customers on Tuesday of a flaw discovered in some versions of its Internetwork Operating System software. The vulnerability, which was introduced through a previous version of a software upgrade, may cause a problem with a remote-management protocol called Simple Network Management Protocol.

The software bug causes devices to constantly reload information. Cisco warned that it could be exploited during a denial-of-service attack, causing affected devices to completely shut down. Denial-of-service attacks occur when hackers overwhelm a switch or router with millions of packets. Eventually, the device is unable to process the incoming packets, and it freezes or shuts down. Cisco has produced a code fix, which is available on its Web site.

A new version of Cisco's operating system expected later this year, should help prevent new bugs, such as the one discovered this week, from being introduced into products. Because the current version of Cisco's operating software runs on a single process, it requires network administrators to upload an entirely new version of software, even when only one element of the code needs to be changed. This often introduces bugs in different parts of the software.

The new software will run different functions on separate processes so that customers can add or update pieces of the code.

Source: C-Net News

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here. Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Powered by Sun Hosting
Sponsered by Press
Industry partner: Hébergement Canada
Development platform by My Web Services
Internet is a fully-owned subsidiary of GCIS
Professional search engine optimization by Rank for Sales

Internet is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet 2003    Terms of use    Privacy agreement    Legal disclaimer