Return-Path: <linux-kernel-owner+willy=40w.ods.org@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id <S263321AbTAJIAw>; Fri, 10 Jan 2003 03:00:52 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org
	id <S264001AbTAJIAw>; Fri, 10 Jan 2003 03:00:52 -0500
Received: from [212.216.176.185] ([212.216.176.185]:15783 "EHLO
	smtp9.cp.tin.it") by vger.kernel.org with ESMTP id <S263321AbTAJIAw>;
	Fri, 10 Jan 2003 03:00:52 -0500
From: andrea.glorioso@binary-only.com
To: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: Are linux network drivers really affected by this?
References: <1042116723.2556.3.camel@station3>
MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi")
Content-Type: text/plain; charset=US-ASCII
Date: Fri, 10 Jan 2003 09:08:55 +0100
In-Reply-To: <1042116723.2556.3.camel@station3>
 (Nils Petter Vaskinn's message of "09 Jan 2003 13:52:03 +0100")
Message-ID: <87iswx4eaw.fsf@topo.binary-only.priv>
User-Agent: T-gnus/6.15.7 (based on Oort Gnus v0.08) SEMI/1.14.4 (Hosorogi)
 FLIM/1.14.4 (=?ISO-8859-4?Q?Kashiharajing=FE-mae?=) APEL/10.4 MULE
 XEmacs/21.4 (patch 10) (Military Intelligence) (i386-debian-linux)
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1200
Lines: 23

>>>>> "npv" == Nils Petter Vaskinn <nils.petter.vaskinn@itsopen.net> writes:

    npv> http://www.kb.cert.org/vuls/id/412115


    npv> Summary: Some network drivers don't pad ethernet packets with
    npv> nulls, they are filled with "garbage" often from previously
    npv> sent packets. Linux is mentioned as vulnerable.

The paper presented by Olaf Arkin (amongst other) points to some parts
of the linux code where this "vulnerability" exists.  I think Alan Cox
is working on some patches for his tree.  I wonder whether it's better
to null-pad  ethernet packets  or   to fill  them with  random  values
(possibly an overkill, but more resiliant against fingerprinting).

bye,

andrea
--
Andrea Glorioso                   andrea.glorioso@binary-only.com
Binary Only                           http://www.binary-only.com/
Via A. Zanolini, 7/b                  Tel:     +39-348.921.43.79
40126 Bologna                         Fax:     +39-051-930.31.133
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/