Found, a new rootkit

Mike McCarty Mike.McCarty at sbcglobal.net
Mon Apr 10 06:45:18 UTC 2006


Tim wrote:
> On Fri, 2006-04-07 at 14:56 -0500, Mike McCarty wrote:
> 
>>If my MSDOS machine were connected, and someone bombarded the serial
>>port, all that would happen is that the bits would fall on the floor,
>>and the overrun error bit would get set in the UART. With Linux,
>>interrupts would be generated, and the driver would accept the bytes,
>>buffer them, and eventually dump the input. (Unless something has
>>changed since the last time I looked at the Linux serial drivers.)
> 
> 
> Are you saying that unexpected data coming through your COM port
> wouldn't generate IRQ messages (COM ports have an IRQ), which would be
> kicking the CPU quite hard?  That's not exactly a trivial thing to
> ignore.

The BIOS and MSDOS do not enable interrupts on the UART devices,
hence the CPU doesn't see any requests.

Please don't lecture me about MSDOS systems programming. I wrote my
first interrupt driven serial comm package for MSDOS in 1985.

Mike
-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!




More information about the users mailing list