Saturday, August 13, 2016

Here's the Linux Fix to disable WPAD ATTACKS

Use the internet? This Linux flaw could open you up to attack

Study Highlights Serious Security Threat to Many Internet Users

"RIVERSIDE, Calif. (www.ucr.edu) — Researchers at the University of California, Riverside have identified a weakness in the Transmission Control Protocol (TCP) of all Linux operating systems since late 2012 that enables attackers to hijack users’ internet communications completely remotely."

tl;dr The FIX

Edit /etc/sysctl.conf to include this line:

net.ipv4.tcp_challenge_ack_limit = 999999999

Then execute this command as root to apply the fix.

# sysctl -p

If you need the Windows Fix:

How to Turn Off (Disable) Web Proxy Auto Discovery (WPAD) in Windows Server 2008 R2

No comments: