RE: tcp/ip hardware offload

From: Liran Cohen (Theogat_private)
Date: Thu Feb 28 2002 - 01:32:47 PST

Next message: Ron DuFresne: "Re: tcp/ip hardware offload"

Previous message: npcompleter: "Strange behaviour in Win2k"
Maybe in reply to: Richard Masoner: "tcp/ip hardware offload"
Next in thread: Richard Masoner: "RE: tcp/ip hardware offload"
Reply: Richard Masoner: "RE: tcp/ip hardware offload"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Upgrading can be done today on most of the hardware products , almost
every product in the field (networking) has a flash RAM which can be
changed (shiva devices , routers etc...) , regarding errors in
hard-coded software , there are already several patches and updates
for many devices .

TheOg

Liran Cohen 
Tel. +972-54-898817
bussines: +972-9-9709300
E-mail: mailto:theogat_private 

- -----Original Message-----
From: Richard Masoner [mailto:richardmat_private]
Sent: Wednesday, February 27, 2002 4:37 AM
To: vuln-devat_private
Subject: tcp/ip hardware offload


I'd like to bring up for discussion a topic I don't think I've seen
before 
- -- that of possible vulnerabilities in networking code in hardware 
devices.  Specifically, several vendors are developing network
adapters 
with full TCP/IP offload in the hardware.  These aren't just cards
with a 
network stack in firmware; a lot of these actually have the protocol 
implemented in silicon.

iReady <http://www.iready.com> is selling the "iChip," which is
targeted 
for lower-end, embedded applications.  Adaptec and Intel have
announced 
gigabit network adapters with full protocol offload.  Driving these 
products is the burgeoning market for network storage (iSCSI in 
particular), and the fact that OS protocol handling can gobble up
over half 
of CPU cycles just to process the incoming network packets.  If you
offload 
protocol handling, you free the CPU for other tasks.  From a
performance 
perspective, it makes perfect sense.

I'll write to these companies for additional details (and hope for a 
response), but my guess is that the protocol is implemented in some
sort of 
programmable logic on an ASIC, and that these adapters will not be 
in-circuit upgradeable.

The risk I see is the discovery of a vulnerability in these
hard-wired 
"protocol accelerators."  What if a malformed packet could throw
these 
adapters into an undefined state?  In a software TCP/IP stack, you
just 
patch the operating system and life goes on.   What do you do with
hardware 
that's discovered to be vulnerable to DoS attacks?

Is there a history of hardware being vulnerable to online DoS attacks
like 
this?  Has anyone discussed this already?

Regards,

Richard Masoner

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPH35ByXZhGjHgDflEQLoJQCeJQIsgXQEFVINJqedk/ozu/f4KFwAmwb+
KrbeNZKVM08L3ldXzcYCWpsc
=z8DU
-----END PGP SIGNATURE-----

Next message: Ron DuFresne: "Re: tcp/ip hardware offload"
Previous message: npcompleter: "Strange behaviour in Win2k"
Maybe in reply to: Richard Masoner: "tcp/ip hardware offload"
Next in thread: Richard Masoner: "RE: tcp/ip hardware offload"
Reply: Richard Masoner: "RE: tcp/ip hardware offload"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 04 2002 - 14:04:46 PST