| From: | Lehlan Decker <decker@****.FSU.EDU> |
|---|---|
| Subject: | Re: Hacking Security Tallies (Was Re: Weird Campaigns) -Reply |
| Date: | Thu, 21 May 1998 11:23:27 -0500 |
> <snip: reset security tally>
> >Well, it makes sense -- if the computer does something, it has to be
> >poking bytes somewhere, and a skilled "user" should be able to
> >manipulate those bytes.. and yes, modifying something like that would
> >obviously be superuser only -- that's the point of superusers, to fix
> >shit when users break it, right? :)
>
> Except that the security tally will be implemented in hardware as much
> as possible, for this very reason. Reseting a security tally manually
> should require inserting a special key into a lock on the mainframe. You
> can't put too much into hardware or you loose the flexibilty to adapt or
> upgrade, but security tally certainly can go there.
>
A very possible solution, depending on your level of paranoia.
However, depending on exactly what the key does, you can probably
write code to mimic it. (What signal does it generate to what process?)
To remove a security Tally, the decker is probably going to either know
what process/files are involved, or be able to act as "superuser" to
command the correct process. I'm thinking this is why a talented decker
would spend some time in a system quietly, creating some back doors, etc.
Them during the run with time and stealth is critical, much less stress.
Then again, your applying real life computer principals to SR again.
And that doesn't always work. :)
--
--------------------------------------------------------------------
Lehlan Decker 644-4534 Systems Development
decker@****.fsu.edu http://www.scri.fsu.edu/~decker
--------------------------------------------------------------------
The universe doesn't have laws, it has habits. And habits can be broken.
