Re: Poisontap security issue of NetworkManager?

Hello Claudius,

On Thu, 2016-11-17 at 12:10 +0100, Claudius Heine wrote:

While reading about the poisontap hack by Samy Kamkar
(, I thought about ideas to prevent that.

Too much drama there. Hijacking the internet connection of a box you
have physical access to is hardly a security issue.

I think the main issue is, that the network device is automatically
setup via dhcp by tools like NetworkManager & co.

That is a feature. You generally want network connectivity when you
plugin a network adapter with a cable in it.

So my question is: Is that more of a system configuration issue or
NetworkManager itself do something to prevent this scenario (e.g. not
starting dhcpcd on new interfaces generally or only while system is

Yes, the feature can be turned off. Check out no-auto-default=* in
NetworkManager.conf(5) manual. In Fedora it's sufficient to install
NetworkManager-config-server package.

However, if you don't trust your USB ports, you may want to set the
sysfs attribute "authorized" to false by default on USB devices.
Perhaps with a udev rule or something.

Thanks and have a nice day,

Have a nice day too!

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]