This guy explains it better than I can, but the meat of it is that a large number of Intel Ethernet controllers in the field are susceptible to a firmware bug that can shut down the Ethernet port remotely.
http://blog.krisk.org/2013/02/packets-of-death.html
Wow. Just, wow.
Meanwhile, Broadcom controllers have their own persistent bugs. Whose Ethernet chipsets can you rely on now?!?
-Adam Thompson
athompso@athompso.net mailto:athompso@athompso.net
On 2013-02-06 Adam Thompson wrote:
Kind of scary. I have countless Intel NICs out in the field. Many are ineternet-facing. Not sure if any are the 82574L, I'll need to check.
Now the question is, is this remotely exploitable via the internet? The secondary page: http://www.kriskinc.com/intel-pod Says "you'll need to be on the same ethernet segment. No routers or VLAN" in between. So does that mean that this can't be triggered by someone in China across to our Shaw/MTS modem connections?
Bugs like this are goofy, and I'd hope that if it is remotely exploitable that Intel makes a fix widely (and easily) available (and known).
Anyone tested it yet? I would offer some boxes as test recipients if someone has.
-
Adam Thompson -
Trevor Cordes