On Thu, May 24, 2001 at 04:03:15PM +0200, Jochen Kaiser wrote: > There is a group of similar products available which do far more: [SNIP] > There are at least 3 product which handle this. the one we test at the moment > is http://www.daten-airbag.de/textvers/index.html If I understand the information on this device correctly, this is a modified BIOS disabling writes to the disk. This only works when all disk access is via the BIOS, so this will not work with anything directly accessing the IDE/ATA-controllers (e.g. OSes like *BSD, SMART-disk-managementsoftware, maybe even the newer NT ATAPI-drivers?) with writes to 0x01f0-8. To block these attacks, one still needs to have something physically interposed somewhere in the path from PCI-bus via controller to the disk(s), preferbly just before the disks. If there are ready-to-run chips or sourcecode for simple processors that can interpreted the diskside of the ATA-commands, one could make an "ATA-firewall" that would allow this kind of write-protection in a more generic way. Building this yourself should be possible, but is non-trivial to get right. With kind regards, Wouter Slegers Your Creative Solutions
This archive was generated by hypermail 2b30 : Mon May 28 2001 - 12:01:53 PDT