Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[REVS] Access over Ethernet: Insecurities in AoE

from [SecuriTeam] Network Security [Permanent Link]
Subject: [REVS] Access over Ethernet: Insecurities in AoE
Date: 28 Sep 2006 09:01:37 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  Access over Ethernet: Insecurities in AoE
------------------------------------------------------------------------


SUMMARY

ATA over Ethernet (AoE) is an open standards based protocol which allows 
direct network access to disk drives by client hosts. AoE has been 
incorporated into the mainstream Linux kernel, recently been the subject 
of a Slashdot article, and it appears that it is a SAN technology which is 
here to stay. This paper investigates the insecurities present in the AoE 
protocol and suggests how you can deploy AoE infrastructure without 
worrying about a wide scale compromise.

DETAILS

What is AoE?
ATA over Ethernet (AoE) is an open standards based protocol that allows 
direct network access to disk drives by client hosts. It has been 
developed by Coraid  ( The Linux Storage People ) as a SAN technology and 
it has been adopted for use by many Universities and US Government 
agencies. Coraid provides a hardware AoE cluster implementation called 
EtherDrive . The Coraid website has downloadable case studies from NASA 
and the University of Alaska. The claim is that  AoE delivers a simple, 
high performance, low cost alternative to iSCSI and FibreChannel for 
networked block storage by eliminating the processing overhead of TCP/IP.  
Support for AoE is native in the linux kernel as of version 2.6.11.

AoE is a stateless protocol which consists of request messages sent to the 
AoE server and reply messages returned to the client host. Some messages 
contain ATA commands, and any data associated with the transaction. Other 
messages relate to the Config/Query feature of the protocol, to set and 
query a small amount of out of band data. The formats of these messages 
are simple and have two forms: ATA messages, and Config/Query messages. 
Both share a common header format that facilitates network delivery. AoE 
utilizes the standard Ethernet MAC header for IEEE 802.3 Ethernet frames. 
AoE has a registered Ethernet type of 0x88A2.


ADDITIONAL INFORMATION

The information has been provided by  
<mailto:morgan@security-assessment.com> Morgan Marquis-Boire.
The complete paper can be downloaded from:  
<http://www.security-assessment.com/files/whitepapers/Insecurities_in_AoE.pdf> 
http://www.security-assessment.com/files/whitepapers/Insecurities_in_AoE.pdf



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [REVS] Access over Ethernet: Insecurities in AoE, SecuriTeam <=
Previous by Date:  [UNIX] FreeBSD Local Integer Overflow (i386_set_ldt), SecuriTeam
Previous by Thread:  [UNIX] FreeBSD Local Integer Overflow (i386_set_ldt), SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]