Iyo TCP / IP protocol inotevera, yakagadzirwa pasi pehutongi hweUnited States department reDziviriro, yakagadzira nyaya dzekuchengetedza kune prototi dhizaini kana kune akawanda TCP / IP kuitisa.
Sezvo zvakaratidzwa kuti vabiridzi vanoshandisa izvi zvinokuvadza kuita kurwisa kwakasiyana siyana pamahurongwa. Zvakajairika nyaya dzinoshandiswa muTCP / IP suite yemaprotocol ndeye IP spoofing, port scanning, uye kuramba kwebasa.
ari Nyanzvi dzeNetflix dzakawana zvikanganiso zvina izvo zvinogona kukuvadza nzvimbo dzedata. Uku kunetseka kuchangobva kuwanikwa muLinux uye FreeBSD masisitimu anoshanda. Vanobvumira vabiridzi kuvhara pasi maseva uye kukanganisa kutaurirana kure.
Nezve zvipembenene zvakawanikwa
Iyo yakanyanya kukuvadza, inonzi SACK Panic, inogona kushandiswa nekutumira yakasarudzika TCP yekubvuma kuteedzana yakanyatsogadzirirwa komputa isinganetsi kana sevha.
Iyo sisitimu ichaita nekurovera kana kupinda muKernel Panic. Kubudirira kubiridzira kweichi chinetso, chinozivikanwa seCVE-2019-11477, kunoguma kurambwa kuri kure kwebasa.
Kuramba kwekurwiswa kwebasa kuyedza kutora zvese zvakakosha zviwanikwa pane yakatarwa sisitimu kana network kuitira kuti zvisawanikwe kune zvakajairika kushandiswa. Kuramba kwekurwiswa kwebasa kunoonekwa sengozi yakakura nekuti vanogona kukanganisa bhizinesi uye zviri nyore kuita.
Yechipiri kunetseka inoshandawo nekutumira akateedzana emaSACKs akashata (malicious confirmation packets) anoshandisa macomputer zviwanikwa zvedambudziko. Iwo mashandiro anowanzo shanda nekukamura mutsetse wekutamisazve kwePCP mapaketi.
Kushandiswa kweichi chinetso, chakateedzerwa seCVE-2019-11478, inokanganisa zvakanyanya mashandiro ehurongwa uye inogona kukonzera kurambwa kwakazara kwebasa.
Uku kunetseka kwechipiri kunoshandisa nzira mashandiro anoita mashandiro ataurwa pamusoro apa Selective TCP Kuzivisa (SACK kwenguva pfupi).
SACK inzira inobvumidza komputa yemugamuchiri wekutaurirana kuudza anotumira zvikamu zvipi zvatumirwa zvinobudirira, kuitira kuti izvo zvanga zvarasika zvidzorerwe. Izvo zvinokuvadza zvinoshanda nekufashukira mutsara uyo zvitoro zvakagamuchira mapaketi.
Kushushikana kwechitatu, kwakawanikwa muFreeBSD 12 uye kuzivisa CVE-2019-5599, Inoshanda nenzira imwecheteyo seCVE-2019-11478, asi inopindirana neRack kutumira kadhi reiyi inoshanda system.
Yechina kunetseka, CVE-2019-11479., Inogona kudzora pasi zvakakanganiswa masystem nekudzora yakanyanya chikamu chikamu cheiyo TCP yekubatanidza.
Uku kumisikidza kunomanikidza masisitimu anotambura kutumira mhinduro pamusoro pezvikamu zvakawanda zveTCP, imwe neimwe iine mabheti masere chete e data.
Izvo zvinokuvadza zvinokonzeresa kuti sisitimu inoshandisa yakawanda bandwidth uye zviwanikwa kudzikisira mashandiro ehurongwa.
Izvo zvataurwa pamusoro apa zvekuramba kwekurwiswa kwebasa zvinosanganisira ICMP kana mafashama eDP, iyo inogona kudzikisira mashandiro enetiweki.
Kurwiswa uku kunoita kuti anenge akuvadzwa ashandise zviwanikwa senge bandwidth uye system buffers kupindura kurwisa zvikumbiro nekubhadharisa zvikumbiro zvine musoro.
Nyanzvi dzeNetflix dzakaona kusagadzikana uku uye vakazvizivisa pachena kwemazuva akati wandei.
Kugoverwa kweLinux kwakaburitsa zvigamba zveizvi kusagadzikana kana kuve neanobatsira chaiwo ekugadzirisa tweaks anoadzikamisa.
Mhinduro ndeyekuvhara kubatana nehuremu hwakaderera chidimbu chidimbu (MSS), kudzima SACK kugadzirisa, kana kukurumidza kudzima iyo TCP Rack stack.
Aya marongero anogona kukanganisa kubatana kwechokwadi, uye kana iyo TCP Rack stack yakaremara, anorwisa anogona kukonzera kudhura kunamatira kwerunyorwa rwakabatanidzwa rweanotevera maSACK akawanikwa kune akafanana TCP kubatana.
Chekupedzisira, ngatirangarirei kuti iyo TCP / IP protocol suite yakagadzirirwa kushanda munzvimbo yakatendeseka.
Iyo modhi yakagadziridzwa seyakagadzika setika, inokanganisika-inoshivirira maprotocol ayo akasimba zvakakwana kudzivirira kukundikana mune chiitiko cheimwe kana kupfuura kukundikana kwenzvimbo.