-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:03.syncookies Security Advisory The FreeBSD Project Topic: Brute force attack on SYN cookies Category: core Module: sys_netinet Announced: 2003-02-24 Credits: Mike Silbersack Affects: FreeBSD 4.5-RELEASE FreeBSD 4.6-RELEASE prior to 4.6.2-RELEASE-p9 FreeBSD 4.7-RELEASE prior to 4.7-RELEASE-p6 FreeBSD 4.7-STABLE prior to the correction date FreeBSD 5.0-RELEASE prior to 5.0-RELEASE-p3 Corrected: 2003-02-23 19:04:58 UTC (RELENG_4) 2003-02-23 20:18:48 UTC (RELENG_5_0) 2003-02-23 20:19:29 UTC (RELENG_4_7) 2003-02-24 02:42:06 UTC (RELENG_4_6) FreeBSD only: YES I. Background SYN cookies are a technique used to mitigate the effects of SYN flood attacks by choosing initial TCP sequence numbers (ISNs) that can be verified cryptographically. FreeBSD implements this technique in the TCP stack (where it is referred to as `syncookies') by default. II. Problem Description The FreeBSD syncookie implementation protects the generated ISN using a MAC that is keyed on one of several internal secret keys which are rotated periodically. However, the keys are only 32 bits in length, allowing brute force attacks on the secrets to be feasible. III. Impact Once a syncookie key has been recovered, an attacker may construct valid ISNs until the key is rotated (typically up to four seconds). The ability to construct a valid ISN may be used to spoof a TCP connection in exactly the same way as in the well-known ISN prediction attacks (see `References'). Spoofing may allow an attacker to bypass IP-based access control lists such as those implemented by tcp_wrappers and many firewalls. Similarly, SMTP and other connections may be forged, increasing the difficulty of tracing abusers. Recovery of a syncookie key will also allow the attacker to reset TCP connections initiated within the same 31.25ms window. IV. Workaround syncookies may be disabled using the `net.inet.tcp.syncookies' sysctl(8). Execute the following command as root: # sysctl net.inet.tcp.syncookies=0 To disable syncookies at system startup time, add the following line to sysctl.conf(5): net.inet.tcp.syncookies=0 V. Solution 1) Upgrade your vulnerable system to 4-STABLE; or to the RELENG_4_7 (4.7-RELEASE-p6), RELENG_4_6 (4.6.2-RELEASE-p9), or RELENG_5_0 (5.0-RELEASE-p3) security branch dated after the correction date. 2) To patch your present system: The following patch has been verified to apply to FreeBSD 4.6, 4.7, and 5.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:03/syncookie.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:03/syncookie.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Path Revision Branch - ------------------------------------------------------------------------- src/sys/conf/newvers.sh RELENG_5_0 1.48.2.4 RELENG_4_7 1.44.2.26.2.8 RELENG_4_6 1.44.2.23.2.26 src/sys/netinet/tcp_syncache.c RELENG_4 1.5.2.13 RELENG_5_0 1.28.2.3 RELENG_4_7 1.5.2.8.2.1 RELENG_4_6 1.5.2.6.2.2 - ------------------------------------------------------------------------- VII. References -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+Whc6FdaIBMps37IRAgP9AJ4npQ6fYrxATBWOx8AdlKA/03GsggCcC4Br GBDcKjEcnHInChHZVuXYg58= =LfP+ -----END PGP SIGNATURE-----