Re: Debian audititing tool?

To: debian-security@lists.debian.org
Subject: Re: Debian audititing tool?
From: Ethan Benson <erbenson@alaska.net>
Date: Fri, 22 Dec 2000 23:05:32 -0900
Message-id: <[🔎] 20001222230532.D717@plato.local.lan>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20001222175455.A4761@llama.nslug.ns.ca>; from peter@llama.nslug.ns.ca on Fri, Dec 22, 2000 at 05:54:55PM -0400
References: <[🔎] 20001221143724.UHTR6697.mta09.onebox.com@onebox.com> <[🔎] 87vgscqgv5.fsf@psyche.dnsalias.org> <[🔎] 20001222175455.A4761@llama.nslug.ns.ca>

On Fri, Dec 22, 2000 at 05:54:55PM -0400, Peter Cordes wrote:
> 
>  That's why you run the checker from a known-good floppy or CD.  The bogus
> kernel can't protect itself if it isn't running :)

don't be so sure, is the BIOS or firmware on your computer flashable?
if so an attacker could replace the firmware/BIOS itself to ensure
later trojans are installed.  

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpQY6MSEdqWJ.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Debian audititing tool?
  - From: Peter Cordes <peter@llama.nslug.ns.ca>

References:
- Re: Debian audititing tool?
  - From: "Dan Hutchinson" <hutchinsond@zdnetonebox.com>
- Re: Debian audititing tool?
  - From: Carey Evans <carey@debian.org>
- Re: Debian audititing tool?
  - From: Peter Cordes <peter@llama.nslug.ns.ca>

Prev by Date: Re: Debian audititing tool?
Next by Date: Re: Debian audititing tool?
Previous by thread: Re: Debian audititing tool?
Next by thread: Re: Debian audititing tool?
Index(es):
- Date
- Thread