ATA over Ethernet (AoE) is an open standards based protocol which allows direct network access to disk drives by client hosts. AoE has been incorporated into the mainstream Linux kernel, recently been the subject of a Slashdot article, and it appears that it is a SAN technology which is here to stay. This paper investigates the insecurities present in the AoE protocol and suggests how you can deploy AoE infrastructure without worrying about a wide scale compromise.

AoE is a stateless protocol which consists of request messages sent to the AoE server and reply messages returned to the client host. Some messages contain ATA commands, and any data associated with the transaction. Other messages relate to the Config/Query feature of the protocol, to set and query a small amount of out of band data. The formats of these messages are simple and have two forms: ATA messages, and Config/Query messages. Both share a common header format that facilitates network delivery. AoE utilizes the standard Ethernet MAC header for IEEE 802.3 Ethernet frames. AoE has a registered Ethernet type of 0x88A2.

The link for this article located at SecuriTeam is no longer available.