Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: Firewire Attack on Windows Vista
From: "Larry Seltzer" <Larry () larryseltzer com>
Date: Sun, 9 Mar 2008 22:14:08 -0400
WRT the DMA access over FireWire it's but a bad response since it

doesn't get the point!

1. Drive encryption won't help against reading the memory.
2. The typical user authentication won't help, we're at hardware level
  here, and no OS needs to be involved.
3. The computer is up (and running; see above), no hibernate or sleep
  is involved here.


So on a freshly-booted system with drive encryption you can read
whatever you want on the disk? 


4. Group policies can be circumvented, even by a limited user.


<http://blogs.technet.com/markrussinovich/archive/2005/12/12/circumventi
ng-group-policy-as-a-limited-user.aspx> 

What he says is that some group policies, not including system-wide
security settings, maybe circumvented, even by a limited user.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.pcmag.com/securitywatch/
Contributing Editor, PC Magazine
larry.seltzer () ziffdavisenterprise com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]