On Thu, 2016-11-17 at 12:10 +0100, Claudius Heine wrote:
> Hi!
>
> While reading about the poisontap hack by Samy Kamkar (https://samy.pl/poisontap/), I thought about ideas to prevent that.
>
> I think the main issue is that the network device is automatically set up via DHCP by tools like NetworkManager & co.
>
> So my question is: Is that more of a system configuration issue or can NetworkManager itself do something to prevent this scenario (e.g. not starting dhcpcd on new interfaces generally or only while system is locked)?
>
> Thanks and have a nice day,
> Claudius
Hi,

alternatively, the malicious guy could just plug in an ethernet cable (connected to his raspi). Chances are good that there is a NetworkManager connection for the ethernet, with DHCP and autoconnect.

The user can prevent that by configuring "no-auto-default" and disabling autoconnect for all his connections.

Well actually... usually DHCP connections go down when carrier is lost. However, they don't go down immediately but only after a short timeout. Thus, the attacker could also quickly unplug the cable and re-plug his MITM device. In this case the connection doesn't even go down... and autoconnect doesn't come into play.

Unsurprisingly, with physical access to the machine you can perform various forms of MITM.

Connections can be restricted to a user via "connection.permissions". Such connections can only autoconnect when a session for the user exists. But that doesn't consider whether the session is active (or locked).

Maybe the user should just set flight-mode when the screen is locked... then the policy is entirely outside of NetworkManager.

Thomas
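Added example (not part of the original thread and not NetworkManager's own code): a small audit of the settings named in the reply above, flagging a NetworkManager.conf without "no-auto-default=*" and DHCP profiles that autoconnect or carry no "connection.permissions" restriction. The sample file contents and the user name "alice" are constructed, and treating a profile without an explicit ipv4 method as DHCP is an assumption.

```python
import configparser

# Constructed samples; real files live in /etc/NetworkManager/NetworkManager.conf
# and /etc/NetworkManager/system-connections/*.nmconnection (keyfile format).
SAMPLE_NM_CONF = "[main]\nplugins=keyfile\n"
SAMPLE_PROFILES = {
    "Wired DHCP": "[connection]\nid=Wired DHCP\ntype=ethernet\n\n[ipv4]\nmethod=auto\n",
    "Office": ("[connection]\nid=Office\ntype=ethernet\nautoconnect=false\n"
               "permissions=user:alice:;\n\n[ipv4]\nmethod=auto\n"),
}

def _parse(text):
    # Only '=' is a delimiter, so values such as "user:alice:;" stay intact.
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
    cp.optionxform = str  # keep key names case-sensitive
    cp.read_string(text)
    return cp

def audit_main_conf(text):
    """Flag a NetworkManager.conf that lets new Ethernet devices get a default profile."""
    value = _parse(text).get("main", "no-auto-default", fallback="")
    if value.strip() != "*":
        return ["[main] no-auto-default is not '*'"]
    return []

def audit_profile(text):
    """Flag a DHCP profile that autoconnects or is not restricted to a user."""
    cp = _parse(text)
    # Assumption: a profile without an explicit ipv4.method is treated as DHCP.
    if cp.get("ipv4", "method", fallback="auto") != "auto":
        return []
    findings = []
    # connection.autoconnect defaults to true when the key is absent.
    if cp.get("connection", "autoconnect", fallback="true").strip().lower() != "false":
        findings.append("autoconnect is enabled")
    if not cp.get("connection", "permissions", fallback="").strip():
        findings.append("connection.permissions does not restrict the profile to a user")
    return findings

def audit_all(nm_conf, profiles):
    """Return only the targets that have findings, keyed by file or profile name."""
    report = {"NetworkManager.conf": audit_main_conf(nm_conf)}
    for name, text in profiles.items():
        report[name] = audit_profile(text)
    return {k: v for k, v in report.items() if v}

if __name__ == "__main__":
    for target, findings in audit_all(SAMPLE_NM_CONF, SAMPLE_PROFILES).items():
        for finding in findings:
            print(f"{target}: {finding}")
```

As the reply notes, a profile that passes these checks can still be reused if the cable is swapped before the carrier-loss timeout, and "connection.permissions" does not take a locked session into account.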