AFP548

URGENT – TCP Sequencing vulnerabilities

punga
I manage a server for a government client who continually scans their network for weakness. For some reason, recently, their scans came up with a medium vulnerability referring to TCP Sequencing. Here is a copy of the report: [quote]Risk Level: Medium tcppred Platforms: Windows 2003: Any version, Windows: XP, AIX: Any version, Mac OS: Any version, Windows 2000: Any version, Windows: 98 Second Edition, SCO Unix: Any version, Windows: 98, Novell NetWare: Any version, Compaq Tru64 UNIX: Any version, Windows: Me, Cisco IOS: Any version, Solaris: Any version, Linux: Any version, IRIX: Any version, HP-UX: Any version, BSD: Any version, DG/UX: Any version, Windows: 95, OS/2: Any version, Windows NT: 4.0 Description: The TCP sequence was found to be predictable. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets can compromise services, such as rsh and rlogin, because their authentication is based on IP addresses. Attackers can also perform session hijacking to gain access to unauthorized information. [/quote] I'm having a lot of trouble finding out how to fix this issue, either on Apple's website or via google searching. Lots of papers (dating back 10 years) about it, but no specific steps on how to resolve it for OS X server. The report they sent me includes lots of links to MS and other UNIX related patches, but nothing for OS X. Its critical that I resolve this very soon or they will disconnect the server from the network. Some specifics: Intel X-Serve (specific model escapes me right now because I'm not onsite) Mac OS X Server 10.4.10 Previously configured to comply (mostly) with Common Criteria standards, although a recent call to Apple about an unrelated security audit log issue suggested that the Intel Macs are not certified for Common Criteria, so that could be related. Does anyone know how to fix this issue or could give me some insight? I can give more specifics if you need them. Shawn Punga Senior Macintosh Consultant MacLab
Exit mobile version