This is one attack vector that's overly practical unless the person knows the card you use; if they happen to be on your subnet, the most they could determine would be the vendor.
If you use a card that has a non-socketed, non-upgradeable, factory-flashed ROM, there is perhaps less risk of attack. It's hard to find something these days not using embedded ARM/MIPS processors, but a proprietary simple ASIC would also make this difficult (no development toolchain or documentation).
If the firmware is loaded onto the device by the kernel, they would also need to have root access, perhaps even physical access, to reduce the chance of temporarily bricking the card.
It's a cool presentation, and impressive that they were able to learn enough to get this far, but it's definitely chipset-specific.
Might be something worth considering: make sure you get your firmware images from a trusted source, and be wary about purchased cards with socketed ROMs (most sockets are PXE boot ROMs anyway; the ASIC ROM is often embedded).
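As an added illustration of the "trusted source" advice above (example code written for this page, not from the commenter or any vendor), the following checks a kernel-loadable firmware blob against a pinned SHA-256 manifest before it is allowed into the firmware directory. The image bytes and manifest are constructed here for the example; a real manifest would come from the vendor's signed release notes or distribution package.

```python
import hashlib
import hmac

# Constructed sample firmware blob; not a real vendor image.
SAMPLE_IMAGE = b"\x7fFWIMG" + bytes(range(64))

# Constructed manifest mapping firmware file name -> trusted SHA-256 hex digest.
# In practice this would be pinned from a signed vendor/distro source.
TRUSTED_MANIFEST = {
    "nic-fw-example.bin": hashlib.sha256(SAMPLE_IMAGE).hexdigest(),
}


def sha256_hex(data: bytes) -> str:
    """Return the SHA-256 hex digest of a firmware image."""
    return hashlib.sha256(data).hexdigest()


def verify_firmware(name: str, data: bytes, manifest: dict) -> bool:
    """Accept the image only if its name is in the manifest and its digest matches.

    An unknown file name is rejected outright: a blob nobody pinned is not
    something the kernel should be handed, even if it looks well-formed.
    """
    expected = manifest.get(name)
    if expected is None:
        return False
    # compare_digest avoids leaking which bytes of the digest differ.
    return hmac.compare_digest(sha256_hex(data), expected)


def audit_firmware_dir(files: dict, manifest: dict) -> dict:
    """Classify each (name -> bytes) entry as 'ok', 'tampered' or 'unpinned'."""
    results = {}
    for name, data in files.items():
        if name not in manifest:
            results[name] = "unpinned"
        elif verify_firmware(name, data, manifest):
            results[name] = "ok"
        else:
            results[name] = "tampered"
    return results


if __name__ == "__main__":
    # Constructed "firmware directory": one good image, one modified, one unknown.
    staged = {
        "nic-fw-example.bin": SAMPLE_IMAGE,
        "nic-fw-modified.bin": SAMPLE_IMAGE + b"\x00",
        "unknown-blob.bin": b"\x00" * 16,
    }
    for fname, status in audit_firmware_dir(staged, TRUSTED_MANIFEST).items():
        print(f"{fname}: {status}")
```

The audit function is the part worth wiring into an update script: anything reported as "tampered" or "unpinned" should never be copied into the directory the kernel loads firmware from, and the manifest itself should be fetched over an authenticated channel so the pinned digests are as trustworthy as the images they vouch for.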