Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Can you still trust your network card?

chrisG23 (812077) writes | more than 4 years ago

Security 1

chrisG23 (812077) writes "Today during the CanSecWest http://cansecwest.com/ international conference in Vancouver, members Yves-Alexis Perez and Loic Duflot of ANSSI (French Network and Information Security Agency) described how an attacker could remotely take full control of a particular network card model. Once taken over, (and no interaction with the host operating system was required whatsover) the presenters demonstrated it was possible to enable the remote computer startup, shutdown, and restart commands disabled by default in the NIC firmware. Then the presenters demonstrated remote execution of code on the host computer, obtaining a root level account with a single additional packet.

This particular exploit only works on one particular model of network card, but the implications are staggering as it is almost inevitable that more network cards and other computer devices that have their own registers, memory, processor and firmware, and a means to communicate independently of the host computer, can and will be exploited, again totally independent of the operating system of the host computer. The researchers have contacted the NIC vendor and a patch has been released. The actual exploit code and tools will not be released. Details and an FAQ can be found on the ANSSI website at http://www.ssi.gouv.fr/site_article185.html"

Link to Original Source

cancel ×

1 comment

AMT is the bomb (1)

jimmydevice (699057) | more than 4 years ago | (#31606848)

Did not rtfa, But I can guess it has something to do with Intel's AMT.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...