Can you still trust your network card? - Agence nationale de la ...

More documents

Recommendations

Info

Real impact Controlling the host Countermeasures ◮ use a patched firmware; ◮ deactivate ASF (not only in the BIOS); ◮ filter ASF and RMCP UDP ports; ◮ use an IOMMU on a supported OS; ◮ deactivate remote administration protocols, or ◮ reserve remote administration to safe/separated networks. ◮ nobody ever enabled ASF on a laptop connected to Internet anyway ◮ is it really safe to assume that? SGDSN/ANSSI – http://www.ssi.gouv.fr/trustnetworkcard 48/51
Real impact Controlling the host Conclusion This vulnerability might seem scary, however remember: But, ◮ few cards support ASF; ◮ fewer cards enable ASF. ◮ ASF is quite simple: ◮ over UDP, ◮ few cryptographic algorithms, ◮ limited number of sessions, ◮ no interaction with the network; ◮ AMT, IPMI, and the other remote management protocols are more complex: ◮ over TCP, ◮ heavy use of webservices (XML-RPC, SOAP, ...), ◮ interactions with the whole network infrastructure (Active Directory, Kerberos, ...). SGDSN/ANSSI – http://www.ssi.gouv.fr/trustnetworkcard 49/51
Page 1 and 2: Can you still trust your network ca
Page 3 and 4: Impacts on security If an attacker
Page 5 and 6: What won’t be described today Thi
Page 7 and 8: Network interface controller The Ne
Page 9 and 10: Network interface controller The Ne
Page 11 and 12: Remote administration protocols ASF
Page 17 and 18: Remote administration protocols RMC
Page 19 and 20: Remote administration protocols RMC
Page 21 and 22: Remote administration protocols Sum
Page 23 and 24: Protocol analysis Protocol security
Page 25 and 26: Protocol analysis Implementation pr
Page 27 and 28: The vulnerability Instrumenting the
Page 37 and 38: The vulnerability Crash analysis Ch
Page 39 and 40: The vulnerability Crash analysis Ex
Page 41 and 42: The vulnerability Crash analysis St
Page 43 and 44: Real impact What can be done in the
Page 45 and 46: Real impact Controlling the host Us
Page 47: Real impact Controlling the host De
Page 51: Real impact Controlling the host Qu

Can you still trust your network card? - Agence nationale de la ...

Create successful ePaper yourself

Delete template?

Save as template?