undefined | Better HN

Skip to content

Top Best Ask Show New Jobs

0 pointsEvanAnderson13y ago0 comments

It sounds like the vulnerability could be used to bring down any machine you can send an arbitrary Ethernet frame to. (I immediately wonder if it works for broadcast frames? Sounds like a way to take down a LAN full of machines quickly if it does.)

Edit: Per http://www.kriskinc.com/intel-pod it does work on broadcast frames. Yikes!

0 comments

5 comments · 1 top-level

samstave13y ago· 4 in thread

Heh, yeah and he pretty much gives all the info on how to create the attack.

The test would be to find out how common that particular NIC is out there - and grab a few and test out his method.

Looks like it would be fairly trivial to setup duplication given the author did all the heavy lifting in finding this. Putting a small AWS bot-net up that just sweeps massive IP blocks would be easy - heck you could do it really easily from a single machine, it would seem.

If you can take out a machine with a single packet....

jacquesm13y ago

Just to be on the safe side I just checked all my machines, the majority have broadcom cards, the three that have intel cards are all another type. I think I'll sleep soundly tonight but I felt compelled to check.

samstave13y ago

That was a very responsible thing to do. :)

martinced13y ago

"he pretty much gives all the info on how to create the attack"

And the more disruptive the attack the better. Because it shall help have better process put into place, at every level, to mitigate such issues in the future.

The last thing I want is a deadly packet not breaking havoc only because it's payload is not known.

If a single packet can bring down a big part of the net, then by all means make it happen and make it as bad you can. And then we can start thinking about how to build a more reliable and more secure net.

samstave13y ago

Oh, I agree.

I have a total digital schadenfreude for such things, except for stuxnet and duqu which are evil and scary.

j / k navigate · click thread line to collapse