Re: Are linux network drivers really affected by this?

From: andrea.glorioso@binary-only.com
Date: Fri Jan 10 2003 - 03:08:55 EST


>>>>> "npv" == Nils Petter Vaskinn <nils.petter.vaskinn@itsopen.net> writes:

    npv> http://www.kb.cert.org/vuls/id/412115

    npv> Summary: Some network drivers don't pad ethernet packets with
    npv> nulls, they are filled with "garbage" often from previously
    npv> sent packets. Linux is mentioned as vulnerable.

The paper presented by Olaf Arkin (amongst other) points to some parts
of the linux code where this "vulnerability" exists. I think Alan Cox
is working on some patches for his tree. I wonder whether it's better
to null-pad ethernet packets or to fill them with random values
(possibly an overkill, but more resiliant against fingerprinting).

bye,

andrea

--
Andrea Glorioso                   andrea.glorioso@binary-only.com
Binary Only                           http://www.binary-only.com/
Via A. Zanolini, 7/b                  Tel:     +39-348.921.43.79
40126 Bologna                         Fax:     +39-051-930.31.133
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Wed Jan 15 2003 - 22:00:31 EST