Security Incidents mailing list archives
Re: Security Issues with Wake on Lan (WOL)
From: Valdis.Kletnieks () vt edu
Date: Mon, 01 Nov 2004 16:46:48 -0500
On Mon, 01 Nov 2004 13:26:08 PST, Paul Beckman said:
for many disparate customers. One component has recently asked for us to enable ip broadcasts (something we kept disabled on our routers for security) so as to use the functionality of Wake on Lan (WOL)
Unintended consequences - if you have enough machines that go to sleep with WOL enabled to make supporting it worth doing, does your power infrastructure have the ability to power up that many systems at the same time (note that for the purposes of power-up drain, even a flood of several thousand ping packets to sequential addresses is "the same time"). Power-up drain (notably spinning up disks) is *much* higher than the steady-state drain. Another issue - if an attacker can power up an unpatched or misconfigured or otherwise vulnerable machine, they can then do what they want to it all night.....
Attachment:
_bin
Description:
Current thread:
- Security Issues with Wake on Lan (WOL) Paul Beckman (Nov 01)
- Re: Security Issues with Wake on Lan (WOL) Valdis . Kletnieks (Nov 01)
- Re: Security Issues with Wake on Lan (WOL) Russell Fulton (Nov 02)
- Re: Security Issues with Wake on Lan (WOL) Valdis . Kletnieks (Nov 01)