Bugtraq mailing list archives
Re: Firewire Attack on Windows Vista
From: Nathanael Hoyle <nhoyle () hoyletech com>
Date: Fri, 07 Mar 2008 13:59:03 -0500
Tonnerre Lombard wrote:
There is a quite viable technical solution in the form of a patch whichsolves most of these problems.
<snip>
Tonnerre
To what are you referring? I am aware of only a few defenses against firewire attacks:1) disable firewire - ideally in the system BIOS, alternately at the OS level; on some sites I've seen firewire header pins snapped off of the motherboard.
2) refuse to enable DMA for a firewire device, also preventing many devices from working properly, e.g. the linux approach
The only approach I am aware of that might be called a 'viable technical solution' was just demonstrated at BlackHat for altering the content of the DMA controller to redirect certain memory accesses. I do not believe this has been turned into anything like a usable tested patch for any major operating system to defend it's privileged kernel memory, and unless API's were created to designate the need for 'secured' memory storage for things like passwords to be stored in these areas that the DMA controller directed away from... I don't think this is yet a viable solution. I think it is the beginning of an idea for one though.
Did you have something else in mind? If so, what is holding back implementation?
-Nathanael
Current thread:
- Re: [Full-disclosure] Firewire Attack on Windows Vista, (continued)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Ansgar -59cobalt- Wiechers (Mar 10)
- Re: Firewire Attack on Windows Vista Steve Shockley (Mar 11)
- Re: Firewire Attack on Windows Vista Stefan Kanthak (Mar 13)
- Re: [Full-disclosure] Firewire Attack on Windows Vista FD (Mar 11)
- RE: Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
- Re: Firewire Attack on Windows Vista Daniel O'Connor (Mar 06)
- Re: Firewire Attack on Windows Vista Tonnerre Lombard (Mar 06)
- RE: Firewire Attack on Windows Vista bzhbfzj3001 (Mar 06)
- Re: Firewire Attack on Windows Vista Tonnerre Lombard (Mar 07)
- Re: Firewire Attack on Windows Vista Nathanael Hoyle (Mar 07)