Security Risks of Firewire and PCMCIA DMA

#1 (**permalink**) 06-06-2007, 04:34 AM

Does anyone know of a way to mitigate or totally eliminate the risks
of firewire and PCMCIA direct memory access on a running Windows XP
system that has the keyboard/mouse/screen locked out?

Everything I've ever read has said just live with the risk because
there's nothing you can do about it. Some have suggested just plugging
the ports with epoxy. That's not a good solution and can probably be
bypassed.

The problem seems to be that no matter how diligent you are, there's
no software solution to this. These ports have direct access to RAM,
so they can do virtually anything to your system. I'm sure there's a
solution out there, but I have yet to run accross it.

#2 (**permalink**) 06-06-2007, 05:36 AM

Privacy <privacyoriented@mailinator.com> writes:

> Does anyone know of a way to mitigate or totally eliminate the risks
> of firewire and PCMCIA direct memory access on a running Windows XP
> system that has the keyboard/mouse/screen locked out?
>
> Everything I've ever read has said just live with the risk because
> there's nothing you can do about it. Some have suggested just plugging
> the ports with epoxy. That's not a good solution and can probably be
> bypassed.
>
> The problem seems to be that no matter how diligent you are, there's
> no software solution to this. These ports have direct access to RAM,
> so they can do virtually anything to your system. I'm sure there's a
> solution out there, but I have yet to run accross it.

I read an article in eweek about some software based solutions out
there that seek to mitigate these issues.

I'll be damned if I can find it though.

Okay, I found something familiar. There's a mention of Safend's Port
Protector product in this article, but it's aging.
http://www.eweek.com/article2/0,1759,1840131,00.asp

I think similar other products exist, but that's about all I can tell
ya. Might be something to look into anyway.

Physical access to a machine has always been where the buck stops
though... it's just scary how quickly a machine can be infected with a
USB port open...

--
Todd H.
http://www.toddh.net/

#3 (**permalink**) 06-20-2007, 07:35 AM

On Jun 6, 8:34 am, Privacy <privacyorien...@mailinator.com> wrote:
> Does anyone know of a way to mitigate or totally eliminate the risks
> of firewire and PCMCIA direct memory access on a running Windows XP
> system that has the keyboard/mouse/screen locked out?

try devicelock (www.devicelock.com).

#4 (**permalink**) 06-20-2007, 01:22 PM

Andrew wrote:

> On Jun 6, 8:34 am, Privacy <privacyorien...@mailinator.com> wrote:
>> Does anyone know of a way to mitigate or totally eliminate the risks
>> of firewire and PCMCIA direct memory access on a running Windows XP
>> system that has the keyboard/mouse/screen locked out?
>
> try devicelock (www.devicelock.com).

Why should he? It's a hardware issue.