Found, a new rootkit

Mikkel L. Ellertson mikkel at infinity-ltd.com
Fri Apr 7 19:02:29 UTC 2006


Mike McCarty wrote:
> Tim wrote:
>>
>> I don't have a single Linux box here that listens to the modem.  I'd
>> have to install a service to do so.  Your MS-DOS box is no more secure
>> than any of them, for that point of attack.
>>
> 
> I respectfully disagree with you on this point. Your Linux
> machine has a device driver for that device, while my MSDOS
> machine does not. So you *do* have software listening to
> that device, which software potentially has security compromising
> defects. I have no software on my MSDOS machine which listens
> to the serial port. So if I install a modem on it, it remains
> relatively secure.
> 
I fail to see the difference between the Linux driver for a serial
port, and the DOS driver for COM ports, at least as far as security
goes. Neither driver does anything unless there is a program
accessing them. The fact that the serial driver is built in with
MS-DOS, and may be loadable under Linux does not make much
difference. If anything, Linux without the driver loaded would be
slightly more secure.

Now, if you have unusual serial ports under DOS, you may have to
load extra drivers to use them. I have a couple of multi-port
serial cards that need them. But the drivers for COM1 and COM2 are
standard in all versions of DOS. Most also have defaults for COM3
and COM4.

The thing that you are overlooking is that DOS has drivers for most
of the standard hardware either built in, or accessible through the
system BIOS. If anything, accessing hardware through the system BIOS
can be more of a security risk. You never really know what is in the
BIOS. It is probably safe, as long as you are careful about updates.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!



