Dave at 19:01, 24 December 2004

2004-12-24T19:01:10Z

Jimbo at 18:29, 24 December 2004

2004-12-24T18:29:55Z

New page

'''Race condition''' is a technical term for a type of vulnerability in which an attack can be mounted during a narrow window of time. For example, if your system has a [[firewall]] installed with a [[default allow]] ruleset, when you first start the machine (or when you reload the ruleset) there will be a window of time in which the firewall rules restricting traffic to potentially vulnerable areas are not activated, and a network attacker could get at those ports unhindered. This is called a "race" condition because the attacker is "racing" your system to the finish line - trying to get the attack accomplished before the window of opportunity closes.

While this might not sound like a big deal - after all, on most systems it only takes a few hundredths of a second to load a firewall ruleset - exploiting a race condition is one of the classic methods of compromising an otherwise secure machine. One method of successfully exploiting a potential race condition is to simply "flood" that machine with attack attempts fast enough that if the machine reboots or otherwise opens up the race window, one of the attacks will get through. Another is a multi-staged attack - if you know a good way to force the machine to reboot (or to reload the service with the race condition), you first do that and follow it up immediately with a scripted attack which will get through before the window closes.
[[Category:FreeBSD Terminology]]

← Older revision		Revision as of 19:01, 24 December 2004
Line 2:		Line 2:

	While this might not sound like a big deal - after all, on most systems it only takes a few hundredths of a second to load a firewall ruleset - exploiting a race condition is one of the classic methods of compromising an otherwise secure machine. One method of successfully exploiting a potential race condition is to simply "flood" that machine with attack attempts fast enough that if the machine reboots or otherwise opens up the race window, one of the attacks will get through. Another is a multi-staged attack - if you know a good way to force the machine to reboot (or to reload the service with the race condition), you first do that and follow it up immediately with a scripted attack which will get through before the window closes.		While this might not sound like a big deal - after all, on most systems it only takes a few hundredths of a second to load a firewall ruleset - exploiting a race condition is one of the classic methods of compromising an otherwise secure machine. One method of successfully exploiting a potential race condition is to simply "flood" that machine with attack attempts fast enough that if the machine reboots or otherwise opens up the race window, one of the attacks will get through. Another is a multi-staged attack - if you know a good way to force the machine to reboot (or to reload the service with the race condition), you first do that and follow it up immediately with a scripted attack which will get through before the window closes.
		+
		+	Note that this is not limited to firewalls or security, but can appear in any flawed logic scheme or program.
		+
		+	See also: http://en.wikipedia.org/wiki/Race_condition
		+
	[[Category:FreeBSD Terminology]]		[[Category:FreeBSD Terminology]]

Race condition - Revision history

Dave at 19:01, 24 December 2004

Jimbo at 18:29, 24 December 2004