The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,649 other followers

Some links about the TCP SACK PANIC attacks on Linux and FreeBSD Kernels

Posted by jpluimers on 2019/06/20

The TCP SACK vulnerabilities as found by Netflix: [WayBack] security-bulletins/2019-001.md at master · Netflix/security-bulletins · GitHub.

Easy, but slow workaround from [WayBack] linux – How to disable TCP SACK for CentOS? – Super User:

Temporary (until boot):

echo "0" > /proc/sys/net/ipv4/tcp_sack

Permanent (even after boot):

echo "net.ipv4.tcp_sack = 0" >> /etc/sysctl.conf
sysctl -p

Coverage:

–jeroen

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

 
%d bloggers like this: