On Friday, July 15, 2016 at 12:08:54 AM UTC-4, raah...@gmail.com wrote: > On Friday, July 15, 2016 at 12:00:11 AM UTC-4, raah...@gmail.com wrote: > > On Thursday, July 14, 2016 at 11:57:48 PM UTC-4, neilh...@gmail.com wrote: > > > But it's still not clear how these malicious packets can be sent to the > > > network card.... can these be sent after compromising an App VM (via > > > something like a browser exploit)...?? > > > > > > Or can they be sent just purely over the internet itself to any device > > > connected to the web...? Directly send packets just over the web? > > > > > > Or does it require attacking the Net VM, and not just the App VM... > > > however that would be done...? > > > > > > I'm just trying to figure out FROM WHERE the network card could be > > > attacked. > > > > all network packets go to your network card. I'm not sure what you mean? > > It can be attacked from anywhere in the world wide web. > > I guess you are asking me specifically how? I dunno man i'm a noob. I guess > there is many ways, for example reverse shell from buggy dhclient or icmp > packet. or who the heck knows. Probably too many possibilities to list. > Joannas blog mentioned poc from buffer overflow. > > Anothing thing to consider is you have to trust the intel firmware sometimes.
I guess I would also assume wireless network card to be more vulnerable, but maybe someone more expert can reply. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e765bc89-0ff6-4b5d-9b85-83e25c8f9a14%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
