> It should be pointed out here that ICMP redirects are not the only > kinds of attacks which can be carried out against these devices. > > Our wonderful denial of service friends land, nestea, nestea2, et al, > can wreak havoc on these devices as well. > > Your best bet as a user of these devices is to impose very restrictive > filters, or insure that these systems are not vulnerable to all > of the attacks against IP stacks that have been discovered. A very large number of these embedded devices run the same two or three tcp stacks. Several of them hang when fed a zero length IP option (old KA9Q based). The other thing is nestea/nestea2 can be a pain. The tools may deliver them UDP but they can equally be delivered tcp at port 80, or the lpd port or other similar. This makes it quite hard to firewall Finally some impromptu testing with third parties indicates that the 'all embedded boxes have crashable tcp' theory extends to most of the beta/just being rolled out set top box internet devices from cable companies. Alan
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:25:39 PDT