Can you still trust your network card? - Agence nationale de la ...

More documents

Recommendations

Info

Modern network cards They do not only connect the host to the network. ◮ Hardware architectures are complex: ◮ several processors, ◮ different kind of memories, ◮ multiple network interfaces; ◮ Embedded softwares (firmwares) do more than you think: ◮ remote administration: ASF, IPMI, AMT, etc, ◮ TCP segmentation offloading, ◮ radio with temporal constraints: GSM, 802.11, etc. SGDSN/ANSSI – http://www.ssi.gouv.fr/trustnetworkcard 2/51
Impacts on security If an attacker can execute arbitrary code on the card, she can do virtually anything: ◮ stop processing packets; ◮ drop some packets; ◮ ARP/DNS cache poisoning; ◮ implement SSLstrip-like attacks; ◮ attacks hosts on the LAN; ◮ replace the firmware; ◮ attack the host (read/write access to the main memory). A ”must read” on this topic: Arrigo Triulzi, PacSec08, ”Project Maux Mk.II” SGDSN/ANSSI – http://www.ssi.gouv.fr/trustnetworkcard 3/51
Page 1: Can you still trust your network ca
Page 5 and 6: What won’t be described today Thi
Page 7 and 8: Network interface controller The Ne
Page 9 and 10: Network interface controller The Ne
Page 11 and 12: Remote administration protocols ASF
Page 17 and 18: Remote administration protocols RMC
Page 19 and 20: Remote administration protocols RMC
Page 21 and 22: Remote administration protocols Sum
Page 23 and 24: Protocol analysis Protocol security
Page 25 and 26: Protocol analysis Implementation pr
Page 27 and 28: The vulnerability Instrumenting the
Page 37 and 38: The vulnerability Crash analysis Ch
Page 39 and 40: The vulnerability Crash analysis Ex
Page 41 and 42: The vulnerability Crash analysis St
Page 43 and 44: Real impact What can be done in the
Page 45 and 46: Real impact Controlling the host Us
Page 47 and 48: Real impact Controlling the host De
Page 49 and 50: Real impact Controlling the host Co
Page 51: Real impact Controlling the host Qu

Can you still trust your network card? - Agence nationale de la ...

Create successful ePaper yourself

Delete template?

Save as template?