Can you still trust your network card? - Agence nationale de la ...
Can you still trust your network card? - Agence nationale de la ...
Can you still trust your network card? - Agence nationale de la ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Real impact Controlling the host<br />
Conclusion<br />
This vulnerability might seem scary, however remember:<br />
But,<br />
◮ few <strong>card</strong>s support ASF;<br />
◮ fewer <strong>card</strong>s enable ASF.<br />
◮ ASF is quite simple:<br />
◮ over UDP,<br />
◮ few cryptographic algorithms,<br />
◮ limited number of sessions,<br />
◮ no interaction with the <strong>network</strong>;<br />
◮ AMT, IPMI, and the other remote management protocols are<br />
more complex:<br />
◮ over TCP,<br />
◮ heavy use of webservices (XML-RPC, SOAP, ...),<br />
◮ interactions with the whole <strong>network</strong> infrastructure<br />
(Active Directory, Kerberos, ...).<br />
SGDSN/ANSSI – http://www.ssi.gouv.fr/<strong>trust</strong><strong>network</strong><strong>card</strong> 49/51