Network Card backdoor crash System

Recently I am working on FPGA. The topic is the IP core of the Ethernet controller. We can embed a powerful backdoor in this scenario. If you know how Ethernet works, you can understand more. Ethernet protocol requirements. First, the network card will accept the data, no matter who sent it. Step 2: Check whether the MAC address is yours. If not, discard it. Step 3: If it is your own MAC address, it will verify CRC, ultra-long frame, ultra-small frame, bytes are incorrect, and half of the errors are discarded. When the problem occurs in the first step, the NIC will inevitably accept the data. If the network adapter is designed to embed such a logic: it receives a specific data, for example, if the MAC header is removed, the IP header is removed, after the TCP or UDP header is removed, the "a1a1a1a1a1a1ax" data will be obtained. Then, the "death mode" of the NIC will be triggered and all write register operations will not be accepted. Therefore, the NIC cannot be closed through the program. The NIC continuously produces "Data interruption received ". The CPU is exhausted, and the user is helpless, and the power can only be shut down. However, this attack is only applicable to devices without operating systems. However, most devices in the embedded field do not have operating systems. This backdoor is very harmful. If there is an operating system, the system generally does not directly interrupt the corresponding Nic, so there is no harm. If the network card is wi-fi, it is more vulnerable to such attacks. As long as the channel is the same, broadcast directly to death. Wired Ethernet, if the router can configure a firewall to filter this information, it is estimated that it will be much better. Nic is so powerful. If another "Peek mode" is triggered, the network adapter sends the data in the cache twice, one as a normal destination, and the other as the IP address of the hacker. You don't know anything. The driver is unknown. Only the vro knows, but the vro thinks it is normal and must be released. Interesting? Therefore, it is too important for NICs to be autonomous. More autonomous than CPU. Now it's ridiculous to think about Godson. It's so easy to get a backdoor from where the CPU goes, so you have to make the CPU independent. The NIC is the portal of a host and is the most vulnerable to attacks. The CPU is protected. Some people say that the CPU backdoor will secretly want the US to send private data. Even if there is a backdoor, I will not write the driver for you, and you will not be able to do anything. A cpu command is not advanced enough to be able to upload data. It must be supported by programs. So it is enough to prevent the CPU backdoor. If we can ensure that there is no backdoor in the code, even if there is a backdoor in the CPU, at most it will be dead.