Controlling computer systems physically, or controlling the FireWire port of those systems via intrusion, could open a Pandora's box of attacks. For instance, controlling a FireWire port, like PCMCIA/CardBus/ExpressCard, etc., could lead to: memory leakage attacks, RAM tampering, RAM spoofing, dumping RAM contents, grabbing ssh-agent keys, grabbing screen contents, modifying screen contents, bypassing logins/passwords, etc.
Leaving your system unattended for even a short period is enough for an attacker to grab your desktop session.
Web link [1] contains papers and tools that explain physical memory attacks and analyze them with open source tools. The same link has several pointers to mitigation techniques to counter these attacks.
References:
[1] freearchive.com