Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Bios programming...

From: Philipp Walther <philippwalther () gmx ch>
Date: Thu, 03 Mar 2005 20:44:58 +0100
Matt Marooney wrote:
I am trying to write a program to help people who are addicted to internet pornography. This application would be tied into an online 

(Ever heard of "ask-slashdot"? that would be very on-topic there ;-))
service where someone could sign up for monitoring, and download a thin client app. The application would run in the background of the person's computer, and upload the person's internet activity to the website. The service would then email this activity report to designated recipients. I have most of the knowledge to create this service, but I need to know how to do a couple things: 1. I would like the program to be "un-installable". I've heard of a couple of hardware security tracking services that can load a very small setup package in the CMOS and if a computer is stolen, and the hard drive is replaced, the app reloads itself and the next time the computer is on the internet, it sends out a beacon. Does anyone have any insight about how to do something like this? I want the CMOS program to run on boot, and check to see if the monitoring software is still installed. If it is not, the boot process reloads it. 


Since this is going to be "secured" with security through obscurity,
you may want to explain us (super-geeks ;-)) what you are going to do
if I reset my CMOS? (I don't want to mention write-protection and
virus-scanners who will treat your app as a virus..)
Ok, you want a checking-app in your CMOS. This app needs to read the harddisk - the filesystem. So you would need to implement a routine to read NTFS and FAT32. Oh yes, you need to check all disks, so you will need drivers for SATA/PATA/SCSI and RAID.
Now if you have implemented all that, you need to pack all that in about 256 bytes (512 bytes if you're lucky)..
2. obviously, the program does not need to be very large, so I want it to run in the background and not be visible to the computer's user. This is easy, I know, but I want the process to be completely invisible. (even to super-geeks)
Well that could be possible somehow.. patch some files and you're there.. I suggest you look for some kind of root-kit for win32.
3. I would like to figure out a way to monitor traffic for multiple protocols (HTTP, FTP, File Sharing, Chat, etc.) . I'm wondering if there is a way to figure out "bad" requests on a packet level. 


You're lucky!

Yes, this can be done on TCP Level, I suggest to read RFC 3514.
Libpcap is your friend.
I really appreciate any help with these questions! Thank you all, -- Matt 


Happy coding!

-phil
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: