In theory (I haven't tested it yet) it is remotely exploitable across routers. His *test* does require you to be on the same subnet. -Adam
Trevor Cordes trevor@tecnopolis.ca wrote:
On 2013-02-06 Adam Thompson wrote:
This guy explains it better than I can, but the meat of it is that a large number of Intel Ethernet controllers in the field are susceptible to a firmware bug that can shut down the Ethernet port remotely.
Kind of scary. I have countless Intel NICs out in the field. Many are ineternet-facing. Not sure if any are the 82574L, I'll need to check.
Now the question is, is this remotely exploitable via the internet? The secondary page: http://www.kriskinc.com/intel-pod Says "you'll need to be on the same ethernet segment. No routers or VLAN" in between. So does that mean that this can't be triggered by someone in China across to our Shaw/MTS modem connections?
Bugs like this are goofy, and I'd hope that if it is remotely exploitable that Intel makes a fix widely (and easily) available (and known).
Anyone tested it yet? I would offer some boxes as test recipients if someone has. _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable