[Arm-netbook] ARM's OOB para-virtualization & FreeZone in A10?

[freebirds at fastmail.fm]

Gordon Bobic, I assumed Fedora's preintalled firewall sufficed.
Subsequently, I hired a different computer security expert to write a
script for IP tables, install tripwire and snort. Work is not completed.

I will forward your email to the computer security expert who performed
forensics on my netbooks and captured the packets. Hopefully, he will
take the time to answer your questions.

On Thu, Jul 5, 2012, at 06:07 PM, Gordan Bobic wrote:
> On 05/07/2012 17:36, freebirds at fastmail.fm wrote:
> > Gordan Bobic asked: "And this also works on Linux? Can you cite any
> > record of an exploit that is capable of this?"
> >
> > What I can give you are some home brewed encrypted almost frameless
> > packets being sent out of band by my Asus netbook to a Roadrunner IP
> > address in Virginia. A computer security expert captured them but was
> > unable to decrypt them. They are attached.
> 
> And this was being sent out without going via the OS's IP stack? If this 
> was indeed something OOB on hardware level that provides console-type 
> access has existence of such a thing ever been demonstrated on the said 
> Asus model?
> 
> So far this sounds almost like somebody scanning public IPs on 
> telnet/ssh port and throwing default DRAC/iLO usernames/passwords at it 
> until something sticks. I can understand that if such a feature exists 
> on a machine it needs to be publicised - that is indeed an issue.
> 
> And why, exactly, would you ever plug a machine like that directly to 
> the internet via a public IP, and no NAT and firewall in the way?
> 
> Gordan
> 
> _______________________________________________
> arm-netbook mailing list arm-netbook at lists.phcomp.co.uk
> http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
> Send large attachments to arm-netbook at files.phcomp.co.uk

-- 
http://www.fastmail.fm - Access all of your messages and folders
                          wherever you are