Re: ASUS mother board security question...

From: Nick FitzGerald (nick@virus-l.demon.co.uk)
Date: Sat Sep 25 1999 - 22:04:27 PDT

Next message: Cy Schubert - ITSD Open Systems Group: "Re: FreeBSD-specific denial of service"

Previous message: Lisa Napier: "Re: Nmap and Cisco Dos, clarification --"
Maybe in reply to: R.S.(Bob) Heuman: "ASUS mother board security question..."
Next in thread: Ben Ryan: "Re: ASUS mother board security question..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> The one to watch are the machines that allow remote shutdown via lan messages.
> They have a password scheme, but its unencrypted

Nope -- the one to watch are those implementing the "reboot from LAN
image" option.

I think, today, that is none, but the PC98, etc specifications make
some hilarious reading -- hilarious, that is, if so many of the
things suggested as likely to be required in near-future updates of
the spec weren't so damn stupid/short-sighted.

The afterthought (expressed in a footnote to the "reboot from LAN
image" option) to the effect "it may be advisable to develop an
authentication mechanism for this feature" is a classic example of
the contempt in which security is held amongst designers at Richmond.


Regards,

Nick FitzGerald

Next message: Cy Schubert - ITSD Open Systems Group: "Re: FreeBSD-specific denial of service"
Previous message: Lisa Napier: "Re: Nmap and Cisco Dos, clarification --"
Maybe in reply to: R.S.(Bob) Heuman: "ASUS mother board security question..."
Next in thread: Ben Ryan: "Re: ASUS mother board security question..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:05:02 PDT