[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Smartcards and Physical Security [Was: Re: Backport of the integer overflow in the brk system call]

On Tue, 02 Dec 2003, Tom wrote:
> Yes but the attacker did not "steal" the DD's computer.  He rooted it
> remotely.

So the machine is rooted remotely, the DD logs into a debian box even
using our new fangled smart cards, and the attacker still can control
the connection.

In this particular intrusion vector, the use of a smart card merely
means that the attacker has to trojan the ssh binary on the
compromised machine and use it to run a command that opens a shell
under the DD's uid on a non-privledged port, thus circumventing the
smart card in its entirety.

If you log into a machine from a compromised machine using any means I
can forsee today, the attacker can always control the account of the
machine logged into, because the attacker effectively become the user
of the machine.

Don Armstrong

Tell me something interesting about yourself.
Lie if you have to.
 -- hugh macleod http://www.gapingvoid.com/archives/batch20.php


Attachment: signature.asc
Description: Digital signature

Reply to: