[Dshield] door opener

security@admin.fulgan.com security at admin.fulgan.com
Fri Aug 24 14:11:30 GMT 2001


ML> You might be overreacting.Does anyone know if its possible for a hacker to
ML> affect the bios of a
ML> system?

ML> I sincerely doubt it.  Most (all?) BIOS updates require rebooting
ML> with a floppy that flashes the BIOS.  I just did one of these on my
ML> laptop yesterday.  There's no way someone without physical access
ML> to the system can do one of these, unless you happen to keep a scratch
ML> floppy in your A: drive....

Well, that's incorrect: One can rewrite the boot sector of the HD to
point to a BIOS update code before restoring the normal boot sector
and running it afterward. This would, however, require your cracker to
know what BIOS you're using. This would also implies there could be
something of interest to do in there and, beside destroying your
computer, I really don't see what that could be...

ML> On last format this drive seemed to remember stuff
ML> it should
ML> related to internet connections. I could just be ultra paranoid about
ML> that one but it sure did seem that way.

ML> What did it remember?Does anyone know how to remove unneeded stuff from
ML> a systems
ML> registry?

Well, format usually removes most unneeded stuff from registry ;)
Could it just be that your provider is using smart host configuration
??


ML> Whats safe, whats not? is it ok to open the reg file
ML> in a
ML> text editor then save back to disk?

ML> Absolutely not!  That's why Microsoft provides the Registry Editor. 
ML> That's how you manually edit the Registry.Mark

In addition to that, you'd loose all ACLS on the regsitry entries
updated: NOT a good prospect...

Good luck,
Stephane


-- 
Best regards,
 security                            mailto:security at admin.fulgan.com




More information about the list mailing list