Ping a Specific Port

Question

Edward_178118

Asked: 2019-09-04 06:49:26 +0800 CST2019-09-04 06:49:26 +0800 CST 2019-09-04 06:49:26 +0800 CST

Microarchitectural Data Sampling a concern for servers not on the internet?

772

I noticed in the logs this message which relates to Microarchitectural Data Sampling:

kernel: MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details.

The URL refers to Microarchitectural Data Sampling. The wiki pages on it states, "...vulnerability can be used by hackers exploiting the vulnerability to steal information recently accessed by the affected microprocessor."

If a server isn't on the internet, being used on a LAN as an intranet server, is this vulnerability a valid concern?

Even if it were on the internet, how could a hacker gain access to the microprocessor to steal information because of MDS?

I see one of the solutions is to disable hyper-threading but performance would suffer.

Final question, is security the only concern for MDS or is this known to cause other problems?

1 Answers

Voted

John Mahowald · Answer 1 · 2019-09-05T15:08:17+08:00

The term MDS was given to this vulnerability; security is the entire point of this thing.

Microarchitectural Data Sampling is a hardware vulnerability which allows unprivileged speculative access to data which is available in various CPU internal buffers.

Threats come from sources other than the Internet. Imagine running a container image some developer imported into your infrastructure. Which uses a MDS side channel attack to disclose private keys from the host or other containers!

User space code using regular instructions to infer the ghost of data it shouldn't see.

This type of attack is mostly (entirely?) theoretical at this point. Not easy to exploit, requires inferring cache values without control of which memory addresses. However, the mere possibility of leaking data across hosts, guests, and containers is Bad. This warning is informing you, in case you want to do something about it.

Full mitigation is kernel + microcode + disable SMT (aka HT). Take the kernel and the microcode for sure, those include other security and quality updates. Try disabling SMT in your server hardware or with the Linux boot option. If performance is too much of a hit, make a risk assessment about running with HT.

Resources section of Intel's MDS page is a good index of several OS and hardware vendors.

This only affects Intel processors. AMD or architectures other than x86 are not affected by MDS specifically.

Microarchitectural Data Sampling a concern for servers not on the internet?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?