verify currently running software on ram
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Mon Jan 13 12:44:49 UTC 2014
On Mon, 13 Jan 2014 12:26:02 +0200, Tassos Chatzithomaoglou said:
> I'm looking for ways to verify that the currently running software on our
> Cisco/Juniper boxes is the one that is also in the flash/hd/storage/etc.
In general, asking the operating system if it's pwned is an insoluble
problem, because the pwner will of course arrange that the answer to such
a query be "No, I'm not pwned".
You really need assistance from one layer further down - if you're in a
VM, you need to ask the hypervisor. If you're on bare metal, you need to
ask the SMM or equivalent. If you're in the SMM, you need to ask the
hardware. And of course, at each level, you have to ask yourself how you
know that *that* level isn't lying to you....
(Yes, this is the corner of system security where, if you're not already
a paranoid schizophrenic, you will be soon.. :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140113/71bad64d/attachment.sig>
More information about the NANOG
mailing list