On Fri, Mar 01, 2002 at 10:20:05AM +0100, Olivier Hislaire wrote:
Hi,
I've heard about possible attacks below osi levels 2 and 3, i.e. againts the network card driver and the HW or something like that. Does anybody know something about ? Is there somewhere specific documentation / information / tools to document and address that kind of vulnerability ?
Any info appreciated,
Olivier.
The only thing below OSI layer 2 is the physical layer. I've never heard of attacks on the firmware of a network card unless it somehow allows remote flash upgrades or something. I don't think you have much to worry about. Also, remember that TCP/IP doesn't use OSI protocols, it is a 4 layer system that doesn't map very well to the OSI model. Most modern attacks are actually above layer 3 using buffer overflows or flaws in things like web scripting services (CGI, ASP, PHP), FTP servers, Mail servers, etc. And the most popular in the Windows world are executable e-mail attachments. Here are some good security sites to bookmark: http://www.cert.org/ http://www.securityfocus.com/ http://www.antionline.com/ Regards, Keith -- LPIC-2, MCSE, N+ wielder of vi(m), an ancient, dangerous and powerful magic Don't get lost, show no fear, and you'll be ready for a new frontier -- d.w.