Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Easily spoofed traffic can crash routers, Juniper warns


07 Jan 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Easily spoofed traffic can crash routers, Juniper warns

Quote:
Juniper Networks is warning customers of a critical flaw in its gateway routers that allows attackers to crash the devices by sending them small amounts of easily-spoofed traffic.
In an advisory sent Wednesday afternoon, the networking company said a variety of devices could be forced to reboot by sending them internet packets with maliciously formed TCP options. The flaw affects versions 3 through 10 of Junos, the operating system that powers devices at ISPs, backbones, and other large networks. Software releases built on or after January 28, 2009 have already fixed the issue.
More -
Easily spoofed traffic can crash routers, Juniper warns ? The Register


My System SpecsSystem Spec
.

07 Jan 2010   #2

 

"Because of Juniper's 'Entitled Disclosure Policy,' only our customers and partners are allowed access to the details of the Security Advisory," the spokeswoman wrote.

Microsoft tried to keep details of advisories secret years ago and it did no one any good whatsoever and the question I heard Microsoft consistently asked is How many years has it been there and exploited? Juniper is not the only technically competent people using the internet and their hardware and so should grow up
My System SpecsSystem Spec
08 Jan 2010   #3

Windows 7 Profession 64-bit
 
 

There are a couple disturbing issues here.

1. Software releases built on or after January 28, 2009 have already fixed the issue. So the fix has been out there for a year - if this is still a problem, then the ISP is at fault for not upgrading their software, not Juniper. Now granted, updating software on major network/ISP routers is a big ordeal, but a year is long enough to schedule the outage and do the upgrade.

2. I don't think the Microsoft comparison is a fair comparison. First, the goal of keeping these vulnerabilities secret is to minimize the information getting to all the wannabe hackers out there until a fix could be developed and pushed out. The problem with MS in the past was XP. XP was designed (at user request) to support [unsafe] legacy (DOS Era) and expensive hardware and software. Security was not that big a deal for home users when XP was created. High speed access to the home was almost non-existent. The problem with MS was their PR people trying to spin the story when it broke when they should have just been straight with the public. The "cover-up" is almost always worse than the actual crime.

In this case with Juniper, it says,
Quote:
only our customers and partners are allowed access to the details of the Security Advisory
I see nothing wrong with that - AS LONG AS that information is readily available to those affected. Customers should notified, and not find out by reading a press bulletin.
My System SpecsSystem Spec
.


Reply

 Easily spoofed traffic can crash routers, Juniper warns




Thread Tools



Similar help and support threads for2: Easily spoofed traffic can crash routers, Juniper warns
Thread Forum
Researcher warns about critical flaw in D-Link routers Security News
FileVault 2 easily decrypted, warns Passware Security News
Symantec: Scammers Spreading Malware Via Spoofed Scanner Attachments Security News
IPSec VPN with a Juniper Netscreen Network & Sharing
How Easily it Crashes General Discussion
Juniper Network Connect 6 for VPN access System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:04 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33