InterNiche Technologies Posts Fixes for TCP/IP Denial of Service Scenarios; Updates to Firm's NicheStack TCP/IP Embedded Protocol.

Business Editors/High-Tech Writers

SAN JOSE, Calif.--(BUSINESS WIRE)--April 21, 2004

InterNiche Technologies, Inc., a major supplier of Internet and network security protocols stacks used worldwide by network devices and embedded applications OEMs, today announced that they have updated their NicheStack(TM) and NicheLite(TM) stacks to address the TCP (1) (Transmission Control Protocol) The reliable transport protocol within the TCP/IP protocol suite. TCP ensures that all data arrive accurately and 100% intact at the other end. Reset (RST) and SYN Attack vulnerabilities that were disclosed today by the United Kingdom's National Infrastructure and Security Coordination Centre. The use and effect of "spoofed" RST (Reset) and SYN packets on the TCP/IP TCP/IP
in full Transmission Control Protocol/Internet Protocol

Standard Internet communications protocols that allow digital computers to communicate over long distances. Internet communications protocol was detailed today in NISCC NISCC National Infrastructure Security Co-Ordination Centre (UK) Vulnerability Advisory #236929 and in a U.S. Department of Homeland Security Noun 1. Department of Homeland Security - the federal department that administers all matters relating to homeland security
Homeland Security

executive department - a federal department in the executive branch of the government of the United States alert. If exploited, these vulnerabilities could potentially allow a Denial of Service A condition in which a system can no longer respond to normal requests. See denial of service attack. (DoS) attack on any TCP/IP session, forcing a premature termination. Any network service or application that relies on TCP/IP could be impacted.

"InterNiche has been working with the NISCC since first alerted to this vulnerability and on April 8th we informed NISCC that we had examined the scenario, had tested a patch and posted an updated version of our NicheStack IPv4, NicheStack IPv4/IPv6 Dual, and our NicheLite protocol stacks," said Brian Ramsey, Vice President of Marketing at InterNiche. "Embedded applications can be further protected with our IP Security (IPSec) toolkit, which encrypts information at the network layer completely obscuring the 4-tuple TCP address and port information."

Systems and services with persistent TCP/IP connections and relatively easy-to-guess address and port numbers are the most vulnerable targets for this form of DoS, or a Distributed DoS attack if launched from multiple cooperating machines. Border Gateway Protocol Border Gateway Protocol - (BGP) An Exterior Gateway Protocol defined in RFC 1267 and RFC 1268. Its design is based on experience gained with Exterior Gateway Protocol (EGP), as defined in STD 18, RFC 904 and EGP usage in the NSFNet backbone, as described in RFCs 1092 and 1093. (BGP (Border Gateway Protocol) The routing protocol that is used to span autonomous systems on the Internet. It is a robust, sophisticated and scalable protocol that was developed by the Internet Engineering Task Force (IETF). ) routers, Domain Name Servers (DNS (Domain Name System) A system for converting host names and domain names into IP addresses on the Internet or on local networks that use the TCP/IP protocol. For example, when a Web site address is given to the DNS either by typing a URL in a browser or behind the ) and well-know e-commerce sites were identified as potentially affected by this vulnerability.

Availability

InterNiche Technologies has updated its NicheStack v2.0 and NicheLite v2.0 TCP/IP protocol stack products to handle the scenarios described in NISCC Vulnerability Notice #236929. The patch is available to all InterNiche customers in accordance with the terms of their current support agreements.

About InterNiche

InterNiche Technologies has been developing and licensing networking management and configuration software for embedded systems since 1989. Hundreds of thousands of products depend on InterNiche software as part of their core functionality. Customers include companies such as 3COM, Ericsson, Intel, Hewlett Packard, Nortel Networks, Raytheon, Samsung, Siemens, and many more. For more information please contact sales@iniche.com or visit InterNiche on the web at www.iniche.com.

COPYRIGHT 2004 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.

Reader Opinion

Article Details
Printer friendly Cite/link Email Feedback
Publication:	Business Wire
Date:	Apr 21, 2004
Words:	400
Previous Article:	GM Chairman and CEO to Kick-Off AIAG's Auto-Tech 2004.
Next Article:	Friendly Ice Cream Corporation Announces First Quarter Earnings Conference Call.

Related Articles
INTERNICHE TECHNOLOGIES JOINS THE MIPS ALLIANCE PROGRAM AND ANNOUNCES SUPPORT FOR MIPS TECHNOLOGIES LEADING EMBEDDED PROCESSORS.(Company Business and...
TI INTRODUCES PROTOCOL STACK TO SIMPLIFY NETWORK CONNECTION FOR DSP-BASED INTERNET APPLIANCES.(Product Announcement)
GREEN HILLS SOFTWARE LAUNCHES 4.0 OF INTEGRITY REAL-TIME OS.(Product Announcement)
Interpeak unveils next gen TCP/IP protocol stacks.(Interpeak IPLITE TCP/IP 4.0 and 6.0)
A new breed: IP SANs show great promise for networked storage. (Storage Networking).
Velocity Semiconductor debuts first in series of mixed-language microcontrollers.(Velocity Semiconductor Typhoon VS2000)
Overcoming TCP/IP distance and BER limitations.(Connectivity)
The cold hard truth about TCP/IP performance over the WAN.(Storage Networking)(Wide Area Network )(Transmission Control Protocol/Internet Protocol )
InterNiche Extends Specialist TCP/IP Device Networking Leadership with NicheStack 3.0.
No Starch Press.(The eBay Survival Guide)(The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference)(Brief article)(Book review)