TCP/IP offload: security implications

From: nospam@masoner.net (Richard Masoner)
Date: 27 Feb 2002 07:57:26 -0800

I'm a coder who writes systems and network code. I also have a strong
interest in information security issues.

Adaptec and Intel have announced gigabit ethernet cards with full
TCP/IP protocol offload in hardware. I think offloading TCP/IP from the
CPU to other hardware makes sense when high wire speeds are involved.
Not infrequently, however, TCP/IP implementations are found to be
vulnerable to attack by malformed packets. Malicious hackers will
intentionally create illegal network packets in an attempt to crash a
network protocol stack. When a vulnerable implementation is hit, the
malformed packet causes the software to go into an undefined state. At
best, the result will be excessive memory usage or degraded
performance. At worst, the result is "wedged" software or even a
kernel panic. For specific examples, see
http://www.cert.org/advisories/CA-2000-21.html ("CERT® Advisory
CA-2000-21 Denial-of-Service Vulnerabilities in TCP/IP Stacks").

In a software-only network stack, you just patch the software if a
vulnerability is found. But what do you do if the hardwired protocol
implementation is found to be vulnerable? Can the logic be
re-programmed in the field? Or are you stuck until new hardware is
created?

Richard Masoner
http://www.masoner.net/