Re: NetApp Filer software versions 5.x: potential hardware killer

From: James FitzGibbon (jamesat_private)
Date: Sat Feb 13 1999 - 11:04:55 PST

    On Fri, 12 Feb 1999, Kragen Sitaker wrote:
    
    > Once you'd found infected machines, you could exert complete control
    > over them.  A particularly obnoxious possibility: you could insert
    > "logic bombs" into the disk firmware that would activate only when
    > certain (long and rather improbable, perhaps a few hundred bytes) were
    > read from the disk.  Then spam people with a .gif containing that
    > sequence, along with steganographically-encoded machine code.  They
    > extract the .gif onto their disk, nicely aligned with the beginning of
    > a sector, and load it up with Netscape.
    
    I think it's important to keep this particular exploit in perspective; an
    admin who didn't secure the network the filer was connected to is probably
    going to get hit with a much more prevalent DoS or exploit before someone
    goes to the trouble of rewriting their firmware.  The amount of
    information you'd need to do that is just slightly above writing root
    shell exploits when you don't know the architecture you're trying to
    attack.
    
    The point on firmware does hold true though.  I think that what we're
    seeing here (and will likely continue to see as more appliances hit the
    market) is easier administration at the cost of security.  I'll grant that
    that is a sweeping statement, but anytime you reduce the core
    functionality of a machine to do "just one thing", you lose out on the
    flexibility side, and that often includes security.
    
    What NetApp admin wouldn't like to compile up a copy of SSH for their
    filer and turn off telnet ?  If the NFS server was a full unix server,
    that's a 10 minute task.  With NetApp, the crypto-export laws make it a
    two-year plus 10 minute task.
    
    I guess it all comes down to the individual admin.  Do you want a box that
    you plug in, configure and leave alone even if it costs you on security,
    or do you want a full *nix box that will be very secure, but that you'll
    have to keep tabs on every day ?
    
    --
    j.
    
    James FitzGibbon                                                jamesat_private
    System Engineer, ACC Global Net                   Voice/Fax (416)207-7171/7610
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:10 PDT