Re: [Full-Disclosure] Bios programming...

From: Philipp Walther (philippwalther_at_gmx.ch)
Date: 03/03/05

    Date: Thu, 03 Mar 2005 20:44:58 +0100
    To: full-disclosure@lists.netsys.com
    
    

    Matt Marooney wrote:
    > I am trying to write a program to help people who are addicted to
    > internet pornography. This application would be tied into an online

    (Ever heard of "ask-slashdot"? That would be very on-topic there ;-))

    > service where someone could sign up for monitoring, and download a thin
    > client app. The application would run in the background of the person's
    > computer, and upload the person's internet activity to the website. The
    > service would then email this activity report to designated recipients.
    > I have most of the knowledge to create this service, but I need to know
    > how to do a couple things:
    >
    > 1. I would like the program to be "un-installable". I've heard of a
    > couple of hardware security tracking services that can load a very small
    > setup package in the CMOS and if a computer is stolen, and the hard
    > drive is replaced, the app reloads itself and the next time the computer
    > is on the internet, it sends out a beacon. Does anyone have any insight
    > about how to do something like this? I want the CMOS program to run on
    > boot, and check to see if the monitoring software is still installed.
    > If it is not, the boot process reloads it.

    Since this is going to be "secured" with security through obscurity,
    you may want to explain to us (super-geeks ;-)) what you are going to do
    if I reset my CMOS? (I don't want to mention write-protection and
    virus-scanners that will treat your app as a virus..)

    Ok, you want a checking-app in your CMOS. This app needs to read the
    hard disk - the filesystem. So you would need to implement a routine to
    read NTFS and FAT32. Oh yes, you need to check all disks, so you will
    need drivers for SATA/PATA/SCSI and RAID.

    Now if you have implemented all that, you need to pack all that in about
    256 bytes (512 bytes if you're lucky)..

    > 2. obviously, the program does not need to be very large, so I want it
    > to run in the background and not be visible to the computer's user. This
    > is easy, I know, but I want the process to be completely invisible.
    > (even to super-geeks)

    Well that could be possible somehow.. patch some files and you're
    there.. I suggest you look for some kind of root-kit for win32.

    >
    > 3. I would like to figure out a way to monitor traffic for multiple
    > protocols (HTTP, FTP, File Sharing, Chat, etc.). I'm wondering if
    > there is a way to figure out "bad" requests on a packet level.

    You're lucky!

    Yes, this can be done on TCP level, I suggest reading RFC 3514.
    Libpcap is your friend.

    >
    > I really appreciate any help with these questions! Thank you all,
    >
    > -- Matt
    >
    >

    Happy coding!

    -phil
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

