lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 27 Sep 2006 00:03:49 +1200
From: "Morgan Marquis-Boire" <morgan@...urity-assessment.com>
To: <bugtraq@...urityfocus.com>
Subject: [Whitepaper] - Access over Ethernet: Insecurities in AoE

Access over Ethernet: Insecurities in AoE
------------------------------------------

ATA over Ethernet (AoE) is an open standards based protocol
which allows direct network access to disk drives by client
hosts.
AoE has been incorporated into the mainstream Linux kernel, 
recently been the subject of a Slashdot article, and it
appears that it is a SAN technology which is here to stay.
This paper investigates the insecurities present in the AoE
protocol and suggests how you can deploy AoE infrastructure
without worrying about a wide scale compromise.


The paper can be downloaded from the whitepapers section of
our website. 
http://www.security-assessment.com

Morgan Marquis-Boire
Security Consultant
Security-Assessment.com Ltd
------------------------------------------------------------
CONFIDENTIALITY NOTICE: 
This message and any attachment(s) are confidential and 
proprietary. They may also be privileged or otherwise protected 
from disclosure. If you are not the intended recipient, advise 
the sender and delete this message and any attachment from your
system. If you are not the intended recipient, you are not 
authorised to use or copy this message or attachment or disclose
the contents to any other person. Views expressed are not 
necessarily endorsed by Security-Assessment.com Limited. Please
note that this communication does not designate an information 
system for the purposes of the New Zealand Electronic 
Transactions Act 2002.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ