On Tuesday 08 August 2006 14:25, Don Rhodes wrote:
> As it was said on one of the tech podcasts, the attacker needs to be
> within a couple hundred feet. In the end any computer that is effected
> by this driver (and untold number of other drivers) are less likely to
> be attacked with this vuln then one that could come from the Inet.
Not necessarily so. While you're connected to your network at home or
office, you probably are shielded by firewall and/or NAT. That makes
shooting trough security holes a bit more difficult. Exploiting driver
code for wireless card means if your wireless is powered on, you have
let's say - a vulnerability radius of some sort - that extends the reach
from your premises (where you're guarded by firewall, guards or locked
door) to quite a bit of outside world.
This IS really bad for companies, for they can throw away their security
measures if all it takes to get the data is a vulnerable computer
reachable from the car parked outside the well guarded building.
And, there's more - there isn't much defense against this type of attack.
While you're on the LAN, there's antivirus that checks for viruses
entering corporate network, and then some more intrusion detection
systems. Unless you have an IDS on your local machine that is capable of
intercepting this, and specifically this type of attack, there's no
antivirus, antispyare, nor firewall available to protect you.
Currently, if I were the person that wants to enter someone's LAN, and knew
there might be such vulnerable computers, I'd go for that first, while it
is still stealthier than "traditional" intrusion schemes. I'd attack an
user machine (which usually is not that guarded as servers are), sneak in
and work from there. Sometimes just copying documents from that breached
machine (like some managers laptop, for example) is enough to make an
industrial spy happy...
> As it was said on one of the tech podcasts, the attacker needs to be
> within a couple hundred feet. In the end any computer that is effected
> by this driver (and untold number of other drivers) are less likely to
> be attacked with this vuln then one that could come from the Inet.
Not necessarily so. While you're connected to your network at home or
office, you probably are shielded by firewall and/or NAT. That makes
shooting trough security holes a bit more difficult. Exploiting driver
code for wireless card means if your wireless is powered on, you have
let's say - a vulnerability radius of some sort - that extends the reach
from your premises (where you're guarded by firewall, guards or locked
door) to quite a bit of outside world.
This IS really bad for companies, for they can throw away their security
measures if all it takes to get the data is a vulnerable computer
reachable from the car parked outside the well guarded building.
And, there's more - there isn't much defense against this type of attack.
While you're on the LAN, there's antivirus that checks for viruses
entering corporate network, and then some more intrusion detection
systems. Unless you have an IDS on your local machine that is capable of
intercepting this, and specifically this type of attack, there's no
antivirus, antispyare, nor firewall available to protect you.
Currently, if I were the person that wants to enter someone's LAN, and knew
there might be such vulnerable computers, I'd go for that first, while it
is still stealthier than "traditional" intrusion schemes. I'd attack an
user machine (which usually is not that guarded as servers are), sneak in
and work from there. Sometimes just copying documents from that breached
machine (like some managers laptop, for example) is enough to make an
industrial spy happy...
--
Radoslav Dejanoviæ
Operacijski sustavi d.o.o.
http://www.opsus.hr
[ reply ]