Upgrading can be done today on most of the hardware products; almost every product in the field (networking) has a flash RAM which can be changed (Shiva devices, routers, etc.). Regarding errors in hard-coded software, there are already several patches and updates for many devices.

TheOg
Liran Cohen
Tel. +972-54-898817
Business: +972-9-9709300
E-mail: mailto:theogat_private

-----Original Message-----
From: Richard Masoner [mailto:richardmat_private]
Sent: Wednesday, February 27, 2002 4:37 AM
To: vuln-devat_private
Subject: tcp/ip hardware offload

I'd like to bring up for discussion a topic I don't think I've seen before -- that of possible vulnerabilities in networking code in hardware devices.

Specifically, several vendors are developing network adapters with full TCP/IP offload in the hardware. These aren't just cards with a network stack in firmware; a lot of these actually have the protocol implemented in silicon. iReady <http://www.iready.com> is selling the "iChip," which is targeted for lower-end, embedded applications. Adaptec and Intel have announced gigabit network adapters with full protocol offload.

Driving these products is the burgeoning market for network storage (iSCSI in particular), and the fact that OS protocol handling can gobble up over half of CPU cycles just to process the incoming network packets. If you offload protocol handling, you free the CPU for other tasks. From a performance perspective, it makes perfect sense.

I'll write to these companies for additional details (and hope for a response), but my guess is that the protocol is implemented in some sort of programmable logic on an ASIC, and that these adapters will not be in-circuit upgradeable.

The risk I see is the discovery of a vulnerability in these hard-wired "protocol accelerators." What if a malformed packet could throw these adapters into an undefined state? In a software TCP/IP stack, you just patch the operating system and life goes on. What do you do with hardware that's discovered to be vulnerable to DoS attacks?

Is there a history of hardware being vulnerable to online DoS attacks like this? Has anyone discussed this already?

Regards,
Richard Masoner
This archive was generated by hypermail 2b30 : Mon Mar 04 2002 - 14:04:46 PST