This concerns us all. Cisco is trying to patent the idea of demanding a confirmation-to-reset packet from an allegedly resetting host. This not only attempts to patent something that fails the 'non-obvious' test (really, is there a more obvious solution?), but it also opens up the door to a new "confirm reset? acknowledge" DoS attack. We all have a stake in making sure that basic TCP/IP security measures do not become proprietary. . . .
Cisco Systems has applied for patents on technology that it claims will fix a flaw that has recently been found in one of the most common communications protocols.

Last month, Robert Barr, an in-house patent attorney for the company, publicly acknowledged that Cisco has applied for U.S. patents on fixes to TCP, the Transmission Control Protocol. The flaw in this protocol, which is used for sending data over the Internet, was discovered last month by Paul Watson, a security specialist at industrial automation company Rockwell Automation. Watson's discovery resulted in a worldwide security warning that affected many vendors' products.

Cisco has also acknowledged that it plans to standardize some of the technology outlined in its patent applications. The company submitted an Internet draft to the Internet Engineering Task Force (IETF) on April 19.

The vulnerability allows for what's known as a reset attack, which falsely terminates an established TCP connection, or session, between two devices. A third device, controlled by an attacker, sends a reset packet forged so that it matches the source port and IP address of one of the two devices in the connection. When the receiving device accepts that reset packet, it terminates the connection.

Cisco's fix requires the receiver to acknowledge the reset packet by sending a packet back to the apparent sender, so that the receiver can confirm the reset really came from the host at the other end of the connection rather than from a forger. The benefit of Cisco's solution is that devices implementing the IETF draft would have greater assurance that the reset packets they receive are genuine. The other benefit is that it doesn't require every device on the Internet to be upgraded at the same time.
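The following is an added toy model, not code from the article or from Cisco's draft, of the receiver-side behaviour described above: a reset that lands inside the receive window but does not match the expected sequence number exactly is answered with an acknowledgement instead of being honoured, and only a follow-up reset carrying exactly the acknowledged sequence number closes the connection. Field names, the window size and the sample sequence numbers are assumptions made for the demonstration; the model also makes visible why the intro above calls the acknowledgement a new DoS vector, since every in-window spoofed reset now costs the receiver an outgoing packet.

```python
from dataclasses import dataclass

@dataclass
class Segment:
    seq: int            # sequence number of the segment
    ack_num: int = 0    # acknowledgement number (meaningful only if ack=True)
    rst: bool = False
    ack: bool = False

class Receiver:
    """Receiver end of an ESTABLISHED connection; models RST handling only."""
    def __init__(self, rcv_nxt, snd_nxt, rcv_wnd=65535, confirm_reset=True):
        self.rcv_nxt, self.snd_nxt, self.rcv_wnd = rcv_nxt, snd_nxt, rcv_wnd
        self.confirm_reset = confirm_reset    # False = pre-fix behaviour
        self.state = "ESTABLISHED"
        self.sent = []                        # segments this host emitted

    def receive(self, seg):
        if not seg.rst or self.state != "ESTABLISHED":
            return
        if not (self.rcv_nxt <= seg.seq < self.rcv_nxt + self.rcv_wnd):
            return                            # out of window: silently dropped
        if seg.seq == self.rcv_nxt or not self.confirm_reset:
            self.state = "CLOSED"             # exact match (or legacy stack)
            return
        # In window but not exact: ask the peer to confirm instead of closing.
        self.sent.append(Segment(seq=self.snd_nxt, ack_num=self.rcv_nxt, ack=True))

def genuine_peer_reply(challenge):
    """A peer that really closed answers the confirmation ACK with an RST whose
    sequence number is exactly the value the ACK announced as expected."""
    return Segment(seq=challenge.ack_num, rst=True)

def spoofed_rst(confirm_reset):
    """Forged RST with an in-window but inexact sequence number (constructed)."""
    r = Receiver(rcv_nxt=1000, snd_nxt=5000, confirm_reset=confirm_reset)
    r.receive(Segment(seq=1000 + 30000, rst=True))
    return r.state, len(r.sent)               # legacy: closed; fixed: 1 ACK sent

def genuine_reset():
    """The real peer (which has lost its connection state) sends an inexact
    RST, receives the confirmation ACK, and replies with the exact one."""
    r = Receiver(rcv_nxt=1000, snd_nxt=5000)
    r.receive(Segment(seq=1000 + 30000, rst=True))
    r.receive(genuine_peer_reply(r.sent[-1]))
    return r.state
```

An off-path forger never sees the confirmation ACK, so it cannot produce the exact reply that `genuine_peer_reply` models.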

Watson commended Cisco for trying to solve the issue, but said the new fixes could create other problems.