Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rootkit Could Hide In PCI Cards

Posted by ryuzaki0 on from the or-under-the-bed dept.

Reverse Gear writes "SecurityFocus has an interesting article about a paper published on the possibility of hiding a rootkit in different PCI cards and having the rootkit survive a reboot or cleansing of the hard disk. It seems though that the author of the article doesn't think this would be abused frequently. From the article and paper: '(Because) enough people do not regularly apply security patches to Windows and do not run anti-virus software, there is little immediate need for malware authors to turn to these techniques as a means of deeper compromise.'"

2 of 134 comments (clear)

  1. No need to get so fancy, just use a miniature PC by seifried · · Score: 3, Informative

    From RiskBloggers.com:

    Miniature Computers That Can Break Your Network Wide Open

    One aspect of information security that is often under looked is physical security. While attention is often paid to secure areas containing servers, network equipment and telecommunication gear not as much attention has been paid to the fringes of the network. Although some security standards such as 802.1x and various network access control (NAC) products exist that can be used to address the network fringe they all contain one major weakness.

    Assuming a network has implemented end to end security in the form of 802.1x or a network access control (NAC) solution they all make one major assumption: that a man in the middle attack can't be executed once the end point has authenticated. For example 802.1x addresses this directly, if the network port detects that the connection is dropped it requires the end point to re-authenticate before it's allowed to have network access again. If the network hasn't implemented such a scheme then it becomes trivial to execute a man in the middle attack by physically inserting another computer in between the network equipment and the end machine.

    But that would be pretty obvious wouldn't it? I mean you think a user (even the dullest one) would notice a second machine plugged into their network drop, with their computer daisy chained off of it.

    Maybe. Maybe not.

    Read More

  2. Re:Computers are at their hearts.... by Threni · · Score: 4, Informative

    Whenever someone goes on about `trust` and computers, show them this:

    http://cm.bell-labs.com/who/ken/trust.html

    (Some people attempt to continue babbling, talking of new detection techniques, and expensive hardware, but you'll have done your bit.)