Abstract—One main advantage of open-source technologies such as Linux is increased security. In this paper we discuss the types of attacks on the Linux kernel, such as the side-channel vulnerability introduced in a recent TCP specification (RFC 5961) that is fully implemented in Linux kernel version 3.6, how it spreads, and what its impact is. This vulnerability allows a blind off-path attacker to infer whether any two hosts on the Internet are communicating using a TCP connection. Such an off-path attacker can also infer the TCP sequence numbers in use on both sides of the connection, which allows the attacker to terminate the connection and perform data injection attacks. The proposed methodology for eliminating the cause of the problem is also discussed.
Keywords: Operating system: security attacks; denial of service; …
The most common attack considered is the 'blind in-window attack', where an off-path attacker sends spoofed TCP packets with guessed sequence numbers in an attempt to achieve DoS or data injection. The attacker first needs to know the target 4-tuple of an ongoing TCP connection between a client and a server. Then, if the guessed sequence number of the spoofed packet happens to fall in the receive window (an in-window sequence number), the attacker can reset the connection or inject acceptable malicious data into it.
An in-window sequence number is one that satisfies the condition RCV.NXT ≤ SEG.SEQ ≤ RCV.NXT + RCV.WND, where SEG.SEQ is the guessed sequence number, RCV.NXT is the sequence number of the next byte that the receiver expects to receive, and RCV.WND is the receive window size. To carry out a blind attack, a large sequence of spoofed packets is sent. In this sequence, the sequence number of each packet is larger than its predecessor by a window
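
The in-window condition above, written so that it stays correct when the window straddles the 32-bit sequence-number wraparound, together with how the receive window size determines the number of window-spaced guesses that cover the whole sequence space. This is an added example, not code from the paper; the function names and sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* In-window test as written in the text:
 *   RCV.NXT <= SEG.SEQ <= RCV.NXT + RCV.WND
 * TCP sequence numbers are 32-bit and wrap around, so the raw values cannot
 * be compared directly. The unsigned distance from RCV.NXT is compared
 * against the window instead. (RFC 793 writes the upper bound as strict, <;
 * this function follows the form given in the text.) */
static int seq_in_window(uint32_t seg_seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return (uint32_t)(seg_seq - rcv_nxt) <= rcv_wnd;
}

/* Number of guesses spaced one receive window apart that is enough to
 * cover the full 2^32 sequence space: ceil(2^32 / RCV.WND).
 * Returns 0 for a zero window, which no stride can cover. */
static uint64_t window_stride_guesses(uint32_t rcv_wnd)
{
    const uint64_t space = 1ULL << 32;

    if (rcv_wnd == 0)
        return 0;
    return (space + rcv_wnd - 1) / rcv_wnd;
}

int main(void)
{
    /* Constructed sample state: the window starts just below 2^32 and
     * continues past the wraparound point. */
    const uint32_t rcv_nxt = 0xFFFFF000u;
    const uint32_t rcv_wnd = 8192u;
    const uint32_t samples[] = { 0xFFFFEFFFu, 0xFFFFF000u, 0x00000FFFu,
                                 0x00001000u, 0x00001001u };
    /* Constructed window sizes: small, 16-bit maximum, and a scaled window. */
    const uint32_t windows[] = { 8192u, 65535u, 1048576u };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("SEG.SEQ=0x%08X in window: %d\n", (unsigned)samples[i],
               seq_in_window(samples[i], rcv_nxt, rcv_wnd));

    for (i = 0; i < sizeof windows / sizeof windows[0]; i++)
        printf("RCV.WND=%u -> %llu window-spaced guesses cover 2^32\n",
               (unsigned)windows[i],
               (unsigned long long)window_stride_guesses(windows[i]));
    return 0;
}
```

The second table is the defender's takeaway: the larger the advertised receive window, the fewer blind guesses an off-path sender needs to land one inside it.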