Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Whitepaper] - Access over Ethernet: Insecurities in AoE

from [Morgan Marquis-Boire] Network Security [Permanent Link]
Subject: [Whitepaper] - Access over Ethernet: Insecurities in AoE
Date: Wed, 27 Sep 2006 00:03:49 +1200 
Access over Ethernet: Insecurities in AoE
------------------------------------------

ATA over Ethernet (AoE) is an open standards based protocol
which allows direct network access to disk drives by client
hosts.
AoE has been incorporated into the mainstream Linux kernel, 
recently been the subject of a Slashdot article, and it
appears that it is a SAN technology which is here to stay.
This paper investigates the insecurities present in the AoE
protocol and suggests how you can deploy AoE infrastructure
without worrying about a wide scale compromise.


The paper can be downloaded from the whitepapers section of
our website. 
http://www.security-assessment.com

Morgan Marquis-Boire
Security Consultant
Security-Assessment.com Ltd
------------------------------------------------------------
CONFIDENTIALITY NOTICE: 
This message and any attachment(s) are confidential and 
proprietary. They may also be privileged or otherwise protected 
from disclosure. If you are not the intended recipient, advise 
the sender and delete this message and any attachment from your
system. If you are not the intended recipient, you are not 
authorised to use or copy this message or attachment or disclose
the contents to any other person. Views expressed are not 
necessarily endorsed by Security-Assessment.com Limited. Please
note that this communication does not designate an information 
system for the purposes of the New Zealand Electronic 
Transactions Act 2002.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Whitepaper] - Access over Ethernet: Insecurities in AoE, Morgan Marquis-Boire <=
Previous by Date:  PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln., meto5757
Next by Date:  [Full-disclosure] rPSA-2006-0173-1 openoffice.org, rPath Update Announcements
Previous by Thread:  PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln., meto5757
Next by Thread:  [Full-disclosure] rPSA-2006-0173-1 openoffice.org, rPath Update Announcements
Indexes:  [Date] [Thread] [Top] [All Lists]