The hardware qualification is a very important issue, recent vulnerabilities discovered in network appliances of various manufacturer have alerted security community once again on the necessity to validate the hardware especially for large consume product.





The last news is related to a vulnerability related to the Intel's 82574L Ethernet controller that expose equipment to risk of "packet of death." Attack.





Kristian Kielhofner identified the cause of the problems after customers experienced random crashes. Researchers at Star2Star after the analysis of lot traffic identified the cause of the problem in the format of a packet managed by a particular VoIP manufacturer. Star2Star 's chief technology officeridentified the cause of the problems after customers experienced random crashes. Researchers at Star2Star after the analysis of lot traffic identified the cause of the problem in the format of a packet managed by a particular VoIP manufacturer.





But as yet it is unclear how widespread the problem is or how other Intel hardware is affected.





The system and Ethernet interfaces would appear fine," "and then after a random amount of traffic the interface would report a hardware error (lost communication with PHY) and lose link. Literally the link lights on the switch and interface would go out. It was dead." Kielhofner, wrote : "





"Nothing but a power cycle would bring it back. Attempting to reload the kernel module or reboot the machine would result in a PCI scan error. The interface was dead until the machine was physically powered down and powered back on. In many cases, for our customers, this meant a truck roll."





"Problem packets had just the right Call-ID, tags, and branches to cause the '2' in the ptime to line up with 0x47f."





The problem is very insidious, Kielhofner's team was able to create packets and target them at particular systems.





"With a modified HTTP server configured to generate the data at byte value (based on headers, host, etc.) you could easily configure an HTTP 200 response to contain the packet of death - and kill client machines behind firewalls!"



