Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Positive uses for rootkits -> off-topic: booting tricks.

From: ze Snark <zesnark () YAHOO COM>
Date: Wed, 28 Mar 2001 15:47:06 -0800
I guess you now know why I usually have my kernel on a write-protected
bootdisk. The PC server default-boots from that disk. Many attackers are
not smart enough to modify the CMOS bios boot options before rebooting.
Even if they did, the boot-device is a SCSI harddisk on an SCSI controller
that has no boot-bios (NCR cheapo-controller), so it might be *really*
impossible to hack anything this way. And no IDE devices !


On certain classes of hardware you could also replace the BIOS with the
kernel, thus bypassing the entire BIOS threat entirely.

z


__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/?.refer=text
Previous By Date Next
Previous By Thread Next

Current thread: