FragmentSmack Vulnerability to be Discovered in Windows

The vulnerability affects all versions of Windows 7 through 10, Server 2008, 2012, 2016, and Core Installations that don't have the latest security updates 
18 September 2018   298

Microsoft released security recommendations regarding the vulnerability called FragmentSmack with the code number CVE-2018-5391. The exploit implements DoS-attacks, allowing an attacker to cause a full load of the CPU, because of which the OS ceases to respond to external influences. Vulnerabilities are affected by all versions of the operating system, starting with Windows 7, not having the latest security updates.

To implement the attack, an attacker sends a stream of eight-byte fragmented IP packets to the victim's computer with a random offset of the fragment. However, the last fragment is not sent. When the system tries to collect information into a single file, the worst case of the algorithm for processing the associated array is implemented. As a result, the load on the central processor reaches 100%. System performance is restored as soon as data flow ceases.

A similar vulnerability was observed in Windows 3.11 and 95, and resulted in a system crash.

The OS developers has already prepared the necessary updates. In case the user for some reason can not make an update, Microsoft recommends that to block the assembly of packages using console commands:

Netsh int ipv4 set global reassemblylimit = 0
Netsh int ipv6 set global reassemblylimit = 0

The company warns that these actions can lead to packet loss.

The Microsoft Azure FragmentSmack service will not have any effect, malicious traffic is blocked by external layers of protection for virtual machines.

FragmentSmack is a cross-platform vulnerability. In August 2018, this exploit was detected in Linux-based systems version 3.9 and higher. Developers have already released updates that eliminate the possibility of attack on this vector.

Cloudflare to Develop IPFS Gateway

According to the developers, new gateway will allow to create P2P based websites
20 September 2018   222

Cloudflare told about the IPFS gateway, which will allow creating sites based on P2P network. The company said that access to content will be done without having to install special software on the devices.

As a technology feature, Cloudflare experts note decentralization. Using a standard network scheme with servers involves physical storage of data in one place. Hacking the server or damage to communications as a result of an emergency (for example, a natural disaster) will lead to inaccessibility of information or its loss. The same is threatened with information if the server owner has decided to refuse it.

Cloudflare Network
Cloudflare Network

The IPFS gateway combines computers, on each of which some information is stored, to the worldwide network. Therefore, the inaccessibility of one computer does not mean that the content can not be viewed or downloaded. Therefore, the key differences are two:

  1. With IPFS, anyone can freely post information instead of storing it on remote servers and paying for their services.
  2. Requests for access to data are carried out using cryptographic hashing, rather than by IP address. The query data is converted to a series of letters and numbers, by which the system finds the required files. For example, the query for any information will not like "get information that is located at IP address 93.184.216.34", but the kind "get information with hash sum QmXnnyufdzAWL5CqZ2RnSNgPbvCc1ALT73s6epPrRnZ1Xy". This hash sum is part of the desired file and is on several computers.

The system automatically determines the authenticity of the file. If we take as an example a query with a hash sum QmXnnyufdzAWL5CqZ2RnSNgPbvCc1ALT73s6epPrRnZ1Xy, then when receiving the information it should remain the same. If the hash value differs, then the file has been changed. In other words, the hash-sum can be represented as a unique fingerprint:

IPFS Security
IPFS Security

Supporters of decentralization are also in a number of other companies. Mozilla employees believe that consumers should not be tied to a particular product, brand or platform. In early August 2018, developers published a version of the IoT gateway Things Gateway 0.5. In it, they realized the possibility of loading third-party icons and an interface for complex devices.