dChan
Anonymous ID: 79a074 April 4, 2021, 6:04 a.m. No.13357448   🗄️.is 🔗kun   >>7613

Someone here is using this type of attack on people.

 

My ether ports are dead.

 

This happejned when I first found this place also…

Tried to make it a jukebox or sum chit.

 

Using this attack, we show how an attacker can bypass Firewall and NAT solutions, even when targeting networks directly from the Internet. Combining this attack with fringe use-cases we discovered in the IPv6 implementations in Windows and Linux, we show how an attacker can use this attack to establish a man-in-the-middle position on the Internet traffic of a certain organization, through which he can eavesdrop on corporate communications, or carry out additional attacks.

 

The talk went on to demonstrate that "the set of circumstances in which an Ethernet packet-in-packet condition can occur are much wider than previously considered." The researchers detailed the physical parameters of Ethernet cables "in which the likelihood of a bit-flip is rather high," and in which this attack can occur within a few minutes. In addition, they explored "the various ways in which interference can be induced in a wide array of Ethernet cable types using certain radio attacks, leading to a remote Ethernet packet-in-packet attack occurring within minutes."

 

Lastly, the talk detailed various techniques "in which this attack may be triggered from the Internet, in either 1-click attacks that require a user inside the network to click on a certain link, or certain 0-click attacks that work without any user interaction."

 

"Once the packet-in-packet attack occurs, the attacker can take-over devices using previously discovered vulnerabilities, or establish a MiTM position on an organization's Internet traffic," concluded the researcher's synopsis.

 

As explained by ZDNet's Cimpanu: