Vendor : Vienna University
E-mail this page
Related Content
Remember this itemFormat: PDF
Date:
13/08/2009
Firewire Blocker: A Software Defense Against Firewire-Based Physical Security Attacks on Windows Systems
0
0 votes
Overview
This paper presents a software solution to Firewire-based physical security attacks on Microsoft Windows operating systems. In this first proof-of-concept, the FirewireBlocker service is running with SYSTEM privileges in order to be able to enable/disable hardware. While users can normally not interface with service, risk for privilege escalation remains. For example, if users with normal user rights have write access on the executable, they could replace it with a malign piece of software which would then be started with SYSTEM privileges. Future versions should establish the principle of least privilege. Further research is required to identify the fewest required privileges the FirewireBlocker service has to run with in order to be able to serve its purpose.
See also: Intrusion - Tampering, Security Administration
Related whitepapers
- Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure Cloud Computing
- Messagelabs - IT Security Threats of Today and Tommorrow Webcast Supporting Doc
- The Business Case for a Network Security Assessment
- Securing Shared Virtual Infrastructure With Virtual Firewalls
- Cyberoam UTM Provides Non-Stop Business Security and Connectivity to NDMC
- Anchiva Hardware Scanning Engine
- It's Time to Fix the Firewall: Re-Establishing the Firewall as the Cornerstone of Enterprise Network Security
- Investment in 3Com Security Technology Yields Top Marks for Ibmec Educational Institute
- East Grand Rapids Schools Find Security and Economy With the TippingPoint X505 From 3Com
- Patterns for Application Firewalls
|
|
|
|
ZDNet Asia Top Tech 50 Index
AT&T- Asustek
- Canon
- Convergys
- Ericsson
- Hewlett-Packard
- Infosys
- LogicaCMG
- NTT
- Samsung
- SingTel Group
- Toshiba
- Xerox
- Accenture
- Atos Origin
- Capgemini
- Dell
- France Telecom
- Hitachi
- Intel
- Microsoft
- Nokia
- Satyam Computer Services
- Sony
- Verizon Communications
- ZTE
Overwhelmed by consolidation? Take it in steps.
Learn the 5 steps to data center consolidation - download the whitepaper now.
Choose a career with Accenture in Singapore
A dynamic job opportunity where technology and business intersect
Choose a career with Accenture in Malaysia
A dynamic job opportunity where technology and business intersect
Improving the Security & Management of Active Directory:
See a live demonstration of NetIQ DRA now
The Roots for a Greener World
Discover Hitachi's Environmental Vision 2025 and featured Eco-Products
The Desktop Virtualization Revolution is here!
Find our more with Citrix Simplicity is Power
Master in Organisational Leadership
Part-time masters program from Monash University. Find out more.
Lack of visibility into network issues and performance?
Find out today. Download SolarWinds FREE 30-Day Trial Software here.
IT Salary & Skills Report 2009
Join activeTechPros for free access to the report
- ZDNet.com |
- ZDNet Japan |
- ZDNet.de |
- CNET UK |
- CNET.de |
- Tech Republic |
- BNET |
- MP3.com |
- activeTechPros |
- ZDNet UK |
- ZDNet Korea |
- ZDNet France |
- CNET Australia |
- CNET France |
- Download.com |
- Builder |
- GameSpot
- ZDNet Australia |
- ZDNet Taiwan |
- CNET |
- CNET Taiwan |
- News.com |
- Silicon.com |
- TV.com |
- GameSpot Korea
