From: philippwalther at gmx.ch (Philipp Walther)
Subject: Bios programming...

Matt Marooney wrote:
> I am trying to write a program to help people who are addicted to 
> internet pornography.  This application would be tied into an online 

(Ever heard of "ask-slashdot"? That would be very on-topic there ;-))

> service where someone could sign up for monitoring, and download a thin 
> client app.  The application would run in the background of the person's 
> computer, and upload the person's internet activity to the website.  The 
> service would then email this activity report to designated recipients.  
> I have most of the knowledge to create this service, but I need to know 
> how to do a couple things:
>  
> 1. I would like the program to be "un-installable".  I've heard of a 
> couple of hardware security tracking services that can load a very small 
> setup package in the CMOS and if a computer is stolen, and the hard 
> drive is replaced, the app reloads itself and the next time the computer 
> is on the internet, it sends out a beacon.  Does anyone have any insight 
> about how to do something like this?  I want the CMOS program to run on 
> boot, and check to see if the monitoring software is still installed.  
> If it is not, the boot process reloads it. 


Since this is going to be "secured" with security through obscurity,
you may want to explain to us (super-geeks ;-)) what you are going to do
if I reset my CMOS? (I don't want to mention write-protection and
virus scanners that will treat your app as a virus..)

Ok, you want a checking-app in your CMOS. This app needs to read the 
hard disk - the filesystem. So you would need to implement a routine to
read NTFS and FAT32. Oh yes, you need to check all disks, so you will 
need drivers for SATA/PATA/SCSI and RAID.

Now if you have implemented all that, you need to pack all that in about 
256 bytes (512 bytes if you're lucky)..


> 2. obviously, the program does not need to be very large, so I want it 
> to run in the background and not be visible to the computer's user. This 
> is easy, I know, but I want the process to be completely invisible. 
> (even to super-geeks)

Well, that could be possible somehow.. patch some files and you're 
there.. I suggest you look for some kind of rootkit for win32.

>  
> 3. I would like to figure out a way to monitor traffic for multiple 
> protocols (HTTP, FTP, File Sharing, Chat, etc.) .  I'm wondering if 
> there is a way to figure out "bad" requests on a packet level.


You're lucky!

Yes, this can be done on TCP level, I suggest reading RFC 3514.
Libpcap is your friend.

>  
> I really appreciate any help with these questions!  Thank you all,
>  
> -- Matt
>  
>  


Happy coding!

-phil
