What's new

Skynet Rapid Reset http2/http3 CVE-2023-44487

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

DJones

Very Senior Member
@Adamm @RMerlin
@dave14305

Disclosed by Cloudflare, Google, AWS a new CVE new security vulnerability CVE-2023-44487 in http2/http3 effecting all platforms.

https://nvd.nist.gov/vuln/detail/CVE-2023-44487

Is their some way Skynet can harden/rate limit against this possible vunerability to http2/http3 DDoS botnet attacks? Well average users probably are not the main target of these botnets AWS, Cloudflare, and large Webserver providers being the usual target. Still giving Edge servers/devices some additional protection would be nice. I know Asus will be far behind on it's patches.
 
Last edited:
I know Asus will be far behind on it's patches.
Anyone could guess that from miles away.

A very effective strategy to clamp down on such clients is to count the number of server resets during a connection, and when that exceeds some threshold value, close the connection with a GOAWAY frame.

I wonder if @Viktor Jaep knows anything about this stuff...🤔

I wonder how @Adamm or @dave14305 will patch this one into skynet. o_O
 
Anyone could guess that from miles away.



I wonder if @Viktor Jaep knows anything about this stuff...🤔

I wonder how @Adamm or @dave14305 will patch this one into skynet. o_O

This only affects people with web servers publicly exposed


This attack was made possible by abusing some features of the HTTP/2 protocol and server implementation details (see CVE-2023-44487 for details). Because the attack abuses an underlying weakness in the HTTP/2 protocol, we believe any vendor that has implemented HTTP/2 will be subject to the attack. This included every modern web server.
 
Thanks for the information, I’ll look at utilizing it on my server. My concern was it could somehow effect the router or server by door knocking ports or something along those lines, but it would probably need to request some kind of file that taxes your available bandwidth. I’m sure it could potentially still be an issue if the ASUS router is exposed to the internet be it interface or smb if your into risks lol.
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top