[mdlug] [mdlug-admin] IEEE 1394a
Aaron Kulkis
akulkis03 at gmail.com
Tue Jul 29 14:00:54 EDT 2008
Jeff Hanson wrote:
> On Sun, Jul 27, 2008 at 12:50 AM, Aaron Kulkis <akulkis03 at gmail.com> wrote:
>> And because it is a peer-to-peer connection with DMA
>> (Direct Memory Access) at the hardware level, an IEEE 1394
>> port is a major security hole on any computer.
>
> According to the Wikipedia article there are some solutions like
> virtual memory mapping:
> http://en.wikipedia.org/wiki/IEEE_1394a#Security_issues
>
> Interesting note on how FreeBSD supports using a debugger with it to
> analyze a crashed system.
If you can debug a crashed system through an IEEE1394 port, then it
is a tremendously huge, unobstructed back door -- virtual memory
or not. The memory mapping makes things only slightly more
difficult -- problem is, kernel space doesn't get swapped out,
and therefore, stays in predictable regions of memory -- and that
is the most useful point of attack against any system.
More information about the mdlug
mailing list