nanog mailing list archives
Re: verify currently running software on ram
From: Valdis.Kletnieks () vt edu
Date: Mon, 13 Jan 2014 07:44:49 -0500
On Mon, 13 Jan 2014 12:26:02 +0200, Tassos Chatzithomaoglou said:
I'm looking for ways to verify that the currently running software on our Cisco/Juniper boxes is the one that is also in the flash/hd/storage/etc.
In general, asking the operating system if it's pwned is an insoluble problem, because the pwner will of course arrange that the answer to such a query be "No, I'm not pwned". You really need assistance from one layer further down - if you're in a VM, you need to ask the hypervisor. If you're on bare metal, you need to ask the SMM or equivalent. If you're in the SMM, you need to ask the hardware. And of course, at each level, you have to ask yourself how you know that *that* level isn't lying to you.... (Yes, this is the corner of system security where, if you're not already a paranoid schizophrenic, you will be soon.. :)
Attachment:
_bin
Description:
Current thread:
- verify currently running software on ram Tassos Chatzithomaoglou (Jan 13)
- Re: verify currently running software on ram Saku Ytti (Jan 13)
- Re: verify currently running software on ram Saku Ytti (Jan 13)
- Re: verify currently running software on ram Tassos Chatzithomaoglou (Jan 13)
- Re: verify currently running software on ram shawn wilson (Jan 13)
- Re: verify currently running software on ram shawn wilson (Jan 13)
- Re: verify currently running software on ram Saku Ytti (Jan 13)
- Re: verify currently running software on ram Saku Ytti (Jan 13)
- Re: verify currently running software on ram Tassos Chatzithomaoglou (Jan 13)
- Re: verify currently running software on ram Jay Ashworth (Jan 13)