Linux Users Now Protected With New Rootkit Technique

During the Black Hat security conference in Amsterdam, in his presentation entitled “Alice in User-Land: Hijacking the Linux Kernel via /dev/mem”, Linux professional Anthony Lineberry announced that he will soon publish the Libmemrk library. Libmemrk works on both 32- and 64-bit systems.

Libmemrk will enable rootkit developers to hide processes and files and to interfere with network activity. It employs the /dev/mem device driver, without the need for rights, to write arbitrary code from user space into main memory. This driver exposes an interface to physically addressable memory; the X server and DOSEmu use it. Lineberry emphasized that deploying rootkits through /dev/mem is less conspicuous than the usual route through loadable kernel modules (LKMs).

The library relieves rootkit programmers of translating virtual memory addresses into physical addresses and of identifying the memory bounds, which can be studied before the attack. The attacker cannot overwrite existing system calls and replace them with other code until the right ranges used by the kernel have been found. The actual contents the kernel holds in that memory are shifted into a buffer at the same time.

A successful attack requires careful and detailed procedures, which Libmemrk can carry out. Lineberry describes these steps in his paper entitled “Malicious Code Injection via /dev/mem.” He further says that attacks usually do not succeed in virtual systems, since hypervisors behave differently from unvirtualized environments. He reminded everyone that even with libmemrk, the attack still has to be programmed manually in assembly language. He intends to use libcc in the future so that this effort is reduced.

Lineberry also gave some tips on how Linux users can protect themselves against these kinds of rootkits. He thought it is enough to modify the memory driver so that the read/write pointer (lseek) is not allowed to seek to at least 16 kb in the memory. The latest versions of Fedora and Red Hat are secure by default, since their kernels integrate SELinux (Security Enhanced Linux) features into the system.
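A defender can check how far a given kernel already restricts /dev/mem. The following is an added example, not code from Lineberry or from the article: it reads a kernel build configuration and the device node's mode and reports the exposure. The Kconfig symbols CONFIG_DEVMEM, CONFIG_STRICT_DEVMEM and CONFIG_IO_STRICT_DEVMEM are mainline kernel options that this page does not name; the function names and the sample configuration are constructed for illustration.

```python
import os
import platform
import stat

# Constructed sample, in the format of /boot/config-<release>.
SAMPLE_CONFIG = """\
CONFIG_DEVMEM=y
# CONFIG_STRICT_DEVMEM is not set
CONFIG_SECURITY_SELINUX=y
"""

def parse_kconfig(text):
    """Map each CONFIG_ symbol in kernel .config text to its value ('n' if unset)."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# CONFIG_") and line.endswith(" is not set"):
            opts[line[2:-len(" is not set")]] = "n"
        elif line.startswith("CONFIG_") and "=" in line:
            name, value = line.split("=", 1)
            opts[name] = value.strip('"')
    return opts

def assess_devmem(opts, mode=None):
    """Return findings on /dev/mem exposure; mode is st_mode of the device node, if known."""
    findings = []
    if opts.get("CONFIG_DEVMEM") == "n":
        return ["ok: kernel built without /dev/mem"]
    # Kernels that predate the CONFIG_DEVMEM symbol always provide the device,
    # so a missing entry is treated as "present".
    if opts.get("CONFIG_STRICT_DEVMEM") != "y":
        findings.append("risk: STRICT_DEVMEM off, /dev/mem can reach kernel RAM")
    elif opts.get("CONFIG_IO_STRICT_DEVMEM") != "y":
        findings.append("note: IO_STRICT_DEVMEM off, driver-claimed I/O memory still reachable")
    # The node is normally usable by root (and a read-only group) only.
    if mode is not None and mode & (stat.S_IRWXO | stat.S_IWGRP):
        findings.append("risk: /dev/mem node is accessible beyond root (mode %o)" % stat.S_IMODE(mode))
    return findings or ["ok: /dev/mem restricted by kernel configuration"]

if __name__ == "__main__":
    # Use the running kernel's config when it is readable, else the sample.
    path = "/boot/config-" + platform.release()
    text = open(path).read() if os.path.exists(path) else SAMPLE_CONFIG
    mode = os.stat("/dev/mem").st_mode if os.path.exists("/dev/mem") else None
    for finding in assess_devmem(parse_kconfig(text), mode):
        print(finding)
```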

Publication is not possible at the moment, according to Lineberry, since he is still in the process of removing the last weaknesses in the library. This is something Linux users should look forward to in order to protect themselves from possible attacks.

The H open


Micro Digital Gives a Break to Blackfin Processors with the Latest smxUSB 2.0

Embedded Tools, the distributor of Micro Digital, Inc., is happy to announce that the port of Micro Digital’s smxUSB 2.0 adds to the pile of the all-powerful Blackfin collection of processors. The smxUSB is now offering both the Blackfin host device driver and the Blackfin device driver itself. Even for those processors that do not have built-in internal USB controllers, there are external controller drivers available.

Micro Digital, Inc. has been in the embedded systems industry for more than 30 years and has developed and sold embedded software products for the past 20 years. The company has a record of selling quality products for embedded systems at affordable prices.

Micro Digital is now fully equipped with all kinds of products for Blackfin processors: composite, audio, Ethernet over USB (RNDIS), mouse, mass storage, and multiport system for devices, and CDC ACM (modem), HID, audio, mass storage, serial, RFID, USB to serial, USB to Ethernet and WiFi with WPA and WEP for host. All these products combine with all of Micro Digital's file systems and networking products to create a strong collection. USB On the Go (OTG) is also on the market.

In January 2009, Chip Wrights, Inc., announced the port of the smxUSB 2.0 stack to the CW5631 Visual Signal Processor (ViSP), which is embedded on a System-on-Chip (SoC) development platform. The company worked hand-in-hand with Micro Digital to implement the host stack, smxUSBH, and the device stack, smxUSBD, on the CW5631. This makes the USB host and device stacks portable to many target operating systems, which is a crucial part of the process. The host stack provides an expandable, plug-and-play USB interface, while the device stack makes it quick and easy to add USB device capabilities for specific work requirements.

All the smxUSB products are especially designed to offer simple, affordable and clear uses for all types of embedded systems. This smxUSBH host stack begins with a price of $6,000. Drivers are offered at separate costs but all the products mentioned are now available in the soft- and hardware markets.

The wide range of Micro Digital products is enough to make die-hards’ mouths water. Especially with the arrival of smxUSB 2.0 for Blackfin processors, users have their hands full with the latest, highly functional devices.

PRESSE BOX

Connecting Your USB Devices Has Never Been This Easy!

Get the hottest scoop in the network world today: the ShareStation! The ShareStation, or USB Net ShareStation model GUIP204, is manufactured by Iogear. This is a tiny but handy device that can share up to four USB devices through your switch or home router (whether wired or wireless). Once it is connected to your router, any linked computer can easily access any USB-enabled device connected to the same network.

What’s so excellent about the ShareStation? Its very versatile interface allows connection of any USB-enabled device, such as a flash drive, external hard drive, speaker, webcam, multi-function printer (MFP) or memory card reader, to a network of different PC users. A multi-function printer, for example, is not so capable of printing for multiple PCs or some network attached storage (NAS) devices. With the ShareStation, however, you can easily connect the multifunction printer and USB-enabled devices. You can work anywhere and print wirelessly to a multifunction printer. Plus, you don’t need to worry much about print settings. It’s as if you’re sitting next to your PC and printer!

Another wonderful thing about the ShareStation is its low cost and its ability to cut costs. Iogear priced it at only $85. Because it supports external drives, multiple users can use the USB drive to back up their systems and to copy their files. USB webcam support, on the other hand, creates a security system that can view someone else’s work via the network. This serves as a simple and low-cost monitoring gadget. Clearly, the ShareStation can cut the costs of several PC supports, printer devices and security systems.

What are some of the not so good things about the USB ShareStation? There are disadvantages attached to using this gadget. The setup is not so reliable. You might need to install and reinstall the system over again for it to be recognized by your PC’s operating system. You’ll need the ShareStation driver and Iogear software if your computer requires access to any USB devices. Other device driver software, such as webcam software and printer drivers, may also be needed.

Another lapse is that the system doesn’t support simultaneous multiple users. For example, if one computer is “linked” to a printer, the second user may not be able to print unless the first user disconnects. Disconnecting USB devices also follows certain steps. If you’re working with Windows, you have to do the “Safely Remove Hardware” step before going to the “disconnect” menu.

There are various methods to access the ShareStation, depending on whether your operating system is Windows XP or Vista. On Windows XP, accessing the device only requires the client software. Working with Windows Vista, on the other hand, requires you to open the network window and select the particular device.

This four-port USB ShareStation is again a good invention that eases the lives of many PC users. Its versatility can be enjoyed by everyone, especially those who want to use their PCs from anywhere in their office and home. Although there are some disadvantages, these are outweighed by the benefits that can be gained from this very affordable device. Overall, this gadget is a better buy indeed!

COMPUTERWORLD
