O Preventing TPM Reset Attacks
Mon, 26 Aug 2019 |
Linux Security Secrets
The TPM reset attack is technically very difficult to prevent using some of the oldest TPM technology, namely TPMs provided on daughterboards. The attack is more complicated to perform if the TPM is integrated to the motherboard, rendering access to the chip pins more difficult. On the other hand, the risk associated with this attack is very low due to the very high cost for the attacker She has to not only be present in front of the computer, but also open it, find the TPM and the correct pin,...
- About Bluetooth
- About The Authors
- About the Authors Andrea Barisani
- About the Project Leader Pete Herzog
- Access And Controls Exploitation
- Access Control Models
- Acoustic Attacks
- Active Tags
- Active Web Application Enumeration
- Adding Files and Dependencies to Chroot Jail
- Administrative Interfaces
- Advantages and Disadvantages of Electronic Evidence
- AJAX Hacking
- Alarm Dialups
- Algebraic Languages
- Alteration of Data or Integrity
- Analyzing C Code Using Hoare Logics
- And Toll Free Dialups
- Andrea Ghirardini
- Appendix A
- Appendix B
- Appendix C
- Application Attacks
- Assembling a Linuxbased Auditing Hacking Platform
- Atheros and MADwifiMADwifing
- Attacks Against VoIP Equipment
- Audit Packages
- Authentication and Authorization
- Authentication Server
- Automated Scanning Techniques
- Avoid Loadable Kernel Module Feature
- Banner Grabbing - 2
- Based On Valid Security Research
- Basic Elements
- Being Faceless and Traceless
- Billing Bypass
- Bind Hardening
- BIOS Password Bypass Techniques Modifying Jumper Settings
- BIOS Password Bypass Techniques Using CMOS Battery Removal
- Blowfish Support
- Bluetooth Authentication and Key Generation
- Bluetooth Network Encapsulation Protocol
- Bluetooth Profiles
- Bluetooth Security Modes
- Boot Process Attacks
- Brute Force Logins and Password Reset Questions
- Bsd Security Advisories
- Buffer Overflows and Weak Input Validation
- Build Network Segments and Hostbased Firewalls
- Building a Cantenna
- Code Static Analysis
- Caduceus
- Call Interception
- Call Setup
- Captive Portal
- Case Study - 2 3 4 5 6 7 8 9 10 11 12 13 14
- Caveat
- Cfengine
- Challenge Response
- Chapter
- Check IPv6 Status
- Chflags1
- Chipset and Driver Links
- Christopher
- Chrooting Devices
- Circumventing BIOS Passwords
- Cisco Systems
- Client Side Input Validation
- Clockctl4
- Colby Clark
- Collect Log Files at a Central Place
- Collect Statistics Within the Network
- Comments in Code
- Common Application Attacks
- Common Banners
- Communication Network Attacks
- Compromising Extraneous Services
- Conexant PrismGT and the Prism54 Project
- Confidentiality
- Conventional IP Network Attacks
- Conventional Services and Equipment Attacks
- Converging Networks Attacks
- Cracking and Evading Authentication
- Cracking Confidentiality
- Cross Site Request Forgery
- Cross Site Scripting
- Cryptoapi
- Daemontools
- Data Integrity
- Data Validation
- Database Security
- DCC Annex List
- Dealing with Error Codes
- Default Deny Policy
- Defeating the Authentication Process
- Definition of Electronic Evidence
- Denial of Service
- Denial of Service or Availability
- Deny All Allow Specifically
- Disable Booting from Removable Media
- Distributed Checksum
- Dns Basics
- DNS Record Faking
- DNS Spoofing
- DoS on Anti Collision Attacks
- Dru Lavigne
- Dynamic ARP Inspection and DHCP Snooping
- Eavesdropping on Wireless Communication
- Email Routing
- EMP Tag Destruction Attacks
- Encryption - 2
- Enumeration
- Escaping a Chroot Jail
- Evading Blame
- Exploiting Daemons Running as Privileged Users
- Exploiting Data in Memory
- Exploiting Radio Frequency
- Exposing Secrets
- External Supplier Dialups
- Fake SSL Certificates
- Faking Device Entities
- File Replacement Rootkits User Mode
- Fingerprinting the Target
- Finite State Based Languages
- Firewall Circumvention Advanced Tunneling
- Firewall Circumvention Basic Tunneling
- Firewall Circumvention Reverse Tunneling
- Firewalls and NAT
- First Approach
- Foreword
- Formal Methods
- Formal Vs Semiformal Methods
- FramaC
- Frame Analysis
- Fredesvinda Insa Merida
- Free From Risk
- Freebsd
- FreeBSD VuXML
- Gbde4
- General Security Issues
- Generic RAS Numbers
- Granular Sudo Configuration
- Greylisting
- H323 Architecture
- Hacking Local Passwords
- Hacking Setup Linux Native Chipsets and Drivers
- Handling Electronic Evidence
- Hardware Attacks
- Hardware Driver and Module Exploitation
- Hardware Health
- Hardware Other Valuable Tools
- Hardware The Forensic Workstation
- Headers and Trust Relationships
- Hidden Fields
- History Of Rfid Leon Theremin And The Thing
- Host Controller Interface
- Host Based Firewall Packet Filter
- How This Book Is Organized
- How X25 Networks Work
- HTTP Request Smuggling
- HTTP Response Splitting
- Hybrid Systems
- Identification FriendorFoe
- Identifying Dependencies
- Identifying Frequency Usage and Patterns
- Improved Methodology
- Induction Inquest and Intervention
- Information Gathering
- Information Leakage Through Exposures
- Ingress and Egress Filtering
- Input Validation Attacks
- Insecure Cookies
- Insufficient Data Validation
- Integrity
- Intel Centrino and IPW2200
- Intelligent Wardialer
- Introducing ISDN
- Introducing PSDN and X25
- Introducing PSTN
- Introduction
- Introduction to VoIP Testing Tools
- Intrusion Detection Systems
- Psec4
- Isdn
- IT Management RAS Dialups
- Jail8
- JTSS Wrapper
- Julian Hammer Jammer Ho
- Justify Enabled Daemons
- Kauth9
- Lack of Redundancy
- Layer 3 Connectivity Testing
- Legislative Regulations
- Limiting Other Options
- Linux RFID
- Linux Security Modules
- Live Investigation Acquisition
- Local Passwords Recovery
- Location Attacks
- Lock Out on Too High Fail Count
- Logical Link Control and Adaption Protocol
- Lowlevel Software Attacks
- MAC Policies
- Magellan Technology
- Mainframe RAS Dialups
- Making Changes
- Maninthemiddle
- Marco Ivaldi
- Media Eavesdropping
- Media Injection and Manipulation
- Memory Flashing Attacks
- Minimizing and Protecting Web Applications
- Model Based Languages
- Modified System Component Attacks
- Mod Security - 2
- Network And Systems Profiling
- Network Attacks
- Network Security Guidelines - 2 3 4
- Network Visibility Holes
- NIX Systems
- Non ProtocolBased Denialof Service Noise
- O Access Denied
- O Addressing Untrustworthiness
- O Apply the Same Filtering Rules to Secondary MX Servers
- O Assurance Through Nonrepudiation
- O Assuring Authentication
- O Assuring Confidentiality
- O Assuring Indemnification
- O Avoid Being a Victim of Phishing
- O Avoid Setting Up an Open Relay
- O Being Invisible
- O Controlling Your Email Traffic
- O Countermeasures for Bluetooth Bugs
- O Creating Continuity
- O Creating Proper Privacy Controls
- O Defeating Power Consumption Attacks
- O Defending Against 80211 Frame Analysis
- O Defending Against Attackers Using Linux Native Chipsets and Drivers
- O Defending Against Auditing Hacking Platform Assembly
- O Defending Against RF Exploitation
- O Defending Against RF Spectrum Analysis
- O Defending Against Wireless Client Attacks
- O Demanding Proper Subjugation
- O Detecting and Managing Brute Force Attacks
- O Detecting and Mitigating Backdoors
- O Detecting and Preventing Reverse Tunneling
- O Detecting and Preventing Tunneling
- O Disabling Bootable Linux CDs
- O DNS and Encryption TSIG and DNSSEC
- O Do Not Answer Device Inquiries
- O Domain Keys
- O Establishing Device Pairings
- O Generic RAS Countermeasures
- O Hide Version
- O Implement Multiple MX Servers
- O Improving Network Visibility
- O IT Management RAS Countermeasures
- O Maintain Secondary Servers
- O Maintaining Integrity
- O Making the Most of Alarms
- O Managing Outgoing Traffic and Bounces
- O Mitigating Boot Process Attacks
- O Mitigating Daemons Running as Privileged Users
- O Mitigating Modified System Component Attacks
- O OpenPGP
- O Practical Wireless Deployment Methodology PWDM
- O Prevent Service Discovery
- O Preventing AJAX Hacking Data Validation
- O Preventing Cloning Attacks
- O Preventing Common Application Attacks
- O Preventing Converging Networks Attacks
- O Preventing Cross Site Request Forgery
- O Preventing EMP Tag Destruction Attacks in General
- O Preventing Escape from Chroot Jails
- O Preventing Hardware Driver and Module Privilege Escalation
- O Preventing HTTP Request Smuggling Web Infrastructure Selection
- O Preventing HTTP Response Splitting Web Caching Proxies
- O Preventing Insecure Cookies Cookie Security
- O Preventing Memory Flashing Attacks
- O Preventing Passive Profiling and Intelligence Scouting Security Policy and Awareness Training
- O Preventing Privilege Elevation
- O Preventing Signal Jamming Attacks
- O Preventing Signalingbased Denial of Service
- O Preventing Social Engineering
- O Preventing Software Vulnerability Exploitation
- O Preventing Spoofing Identities Security Policy and Awareness Training
- O Preventing Validation Attacks
- O Preventing Weak Cipher Suites and Encryption Protocols Strong Encryption
- O Preventing Web Feed Hacking White List Input Validation
- O Preventing Web Infrastructure Detection Infrastructure Identification
- O Preventing Web Services Enumeration and Manipulation
- O Proper Configuration of Privileges in the MTA
- O Reducing Attack Profile
- O Removing Unnecessary Services
- O Reverse Mapping PTRs
- O Rootkit Detection and Mitigation Techniques
- O Safeguarding Data in Memory
- O Secure Network Architecture
- O Secure Zone Transfers
- O Securing File Permissions and Attributes
- O Security Through Obscurity
- O Sender Policy Framework SPF
- O Shutting the Blinds
- O Tempest and Defeating Van
- O The Complex Art of Mail Filtering SPAM and Virus Traffic
- O Time Traveling to Defeat Timing Attacks
- Object Exchange
- One Time Passwords
- Online Documentation
- Online Man Pages
- Open Relays
- Open Trusted Computing
- OpenB SD
- Openbsd
- OpenMRTD
- OpenPAM
- OpenPCD
- OpenPICC
- Organization Enumeration
- Other Current RFID Uses
- Other Service Management Tools
- Other Wireless Chipsets and NDISwrapper Driverloader
- Outgoing Traffic and Bounces
- Overview Of Bsd Projects
- Overview Of Pstn Isdn And Psdn Attack Vectors
- Pablo Endres
- Passive Profiling and Intelligence Scouting
- Passive Tags
- Password Login Attacks
- Passwords
- Patrick Boucher
- PAW and PAWS
- Perform Time Synchronization
- Perl Scripting Language
- Personnel Enumeration
- Pf4 Firewall Features
- Phishing
- Physical Access Controls
- Physical Access To Linux Systems
- Physical Memory Data Harvesting
- Platform Attack Taxonomy
- Poly Space Verifier
- Poor Error Handling
- Port and Service Scans
- POSIX Access Control Lists
- Power Consumption Attacks
- Preparing the Toolkit
- Preventing Skimming Eavesdropping Attacks
- Prevention Against Brute Force
- Private X28 PAD via a Standard or Toll Free PSTN or ISDN Number
- Privilege Escalation
- Privilege Separation
- Procedural Security Guidelines - 2 3
- Process Algebras
- Proper Error Handling
- Pro Police
- PSDN Testing General Roadmap
- Psdn Testing Tools
- PSTN Testing Roadmap
- Purpose of RFID
- Q Preventing Location Attacks
- Radio Frequency Communication
- Ralink RT240025002570 and Serialmonkeys RT2x00
- Randomness
- Raoul Chiesa
- Rcconf
- Rcsubr8
- References and Further Reading
- Reflected XSS
- Registration Hijacking
- Replay Attacks
- Requirements That Electronic Evidence Must Fulfill to Be Admitted in Court
- Restrict System Calls with Systrace Interactive Policies
- RF Hacker Improvement Kit Antennas and Gain
- RF Propagation Boundaries
- RF Spectrum Analysis
- Rfid Components
- Rfid Frequency Standards
- RFID Guardian
- Rfid Hackers Toolkit
- RFID Readers Connected to a Linux System
- RFID Readers with Embedded Linux
- Rfid Technology Standards
- Rfid Uses
- RFIDEnabled Passports
- Roadrunners and Sale Agents RAS Dialups
- Root Privileges and Local Delivery Security
- Rootkit Defenses
- Second Approach
- Secondary MX Servers and User Validation
- Securelevel
- Security Features Found In All Bsds
- Security Guidelines - 2 3
- Security Scripts
- Semiformal Methods
- Sender Validation ImpersonationRepudiation
- Set Mount and Filesystem Options
- Setting Chroot Directory
- Shokdial
- Signal Jamming Attacks
- Signaling Attacks
- Signalingbased Denial of Service
- Silencing the Guard
- Simon Biles
- Single Point of Failures
- SIP Architecture
- Skimming Eavesdropping Attacks
- Smtp Attack Taxonomy
- Smtp Basics
- So Where Should You Start From
- Social Engineering
- Software Operating System
- Software Tools
- Software Vulnerability Exploitation
- Spam
- Specification Languages - 2
- Spoofing
- Spoofing Identities
- Spoofing Web Applications
- SQL Injection
- Sshdconfig5
- Standard User Permissions
- Static Analysis
- Static ARP Entries
- Statically Compiling Binaries
- Stealing Changing Data Using a Bootable Linux CD
- Stephane Lo Presti
- Strong Authentication
- Summary - 2 3 4 5 6 7 8 9 10 11 12 13 14 15
- Syscall Hooking Wrapping Rootkits Kernel Mode
- Sysctl8
- Syslogng
- System Accounting
- System Attacks
- System Development Life Cycle
- System Enumeration
- System Fingerprinting
- System Monitoring
- System Security Guidelines
- System Software Attacks
- Systrace1
- TCG Industrial Applications
- Temporal Logics
- Termination
- THCscan Next Generation
- The Basic Building Blocks Attacks And Countermeasures
- The CEO and Her Daughter RAS Dialups
- The Five Interactive Controls
- The Five Process Controls
- The Four Comprehensive Constraints
- The Social Aspect Dns And Phishing
- The State Of The Wireless
- The Stronger the Signal the Easier the Hack Amplitude
- The Weakest Precondition Calculus
- Thinking Outside the
- This Is an Attack Icon
- Thomas Bader
- Timing Attacks
- Tools Based on Model Checking
- Tools To
- TPM Emulator
- TPM Keyring
- TPM Reset Attacks
- Transport Attacks
- Trou SerS
- Trust
- Trust and Awareness Hijacking
- TrustedGRUB tGrub
- TScan
- Ttys5
- TurayaVPN and Turaya Crypt
- Ty Miller
- Umask
- Uncontrolled Email Traffic
- Understanding Sender and Envelope Sender
- Undesirable Access Enumeration
- Unencrypted Attacks
- Use Cryptographically Secured Services
- Use Encryption
- Use VPN for Remote Management
- User Awareness
- User Enumeration
- Van Eck Phreaking
- VAXVMS or AXPOpenVMS
- Veriexec4
- Verification Conditions
- Virtualization for Server Hardening
- Visibility
- Visualization
- Voip Attack Taxonomy
- VoIP Network Elements Attacks
- Volkan Erol
- Vudu
- VuXML
- W HTTP Response Splitting
- W Privilege Elevation
- Ward
- Watch Security Mailing Lists
- Wax
- Weak Cipher Suites and Encryption Protocols
- Weak File Permission and Attribute Exploitation
- Weak Network Architecture
- Web 20 Attacks
- Web Feed Hacking
- Web Infrastructure Attacks
- Web Infrastructure Detection
- Wepwpapsk Crackers
- Whois And Domain Registration And Domain Hijacking
- Whole Disk or Partition Encryption
- Wireless Access Point
- Wireless Auditing Activities And Procedures
- Wireless Client Auditing
- Wireless Fingerprinting
- Wireless Frame Analysis Practical Examples
- Wireless Frame Injectors
- Wireless Fuzzers
- Wireless Hacking Physics Radio Frequency
- Wireless Infrastructure Auditing
- Wireless Infrastructure Device Identification
- Wireless Intrusion Detection System
- Wireless MITM
- Wireless Sniffer
- Wm
- Word of Caution with Sudo
- Working with Electronic Evidence
- Writing Your Own Wireless Software
- X25 Addressing Format
- X28 Dialup via Reverse Charge
- X28 Dialup with NUI
- X3X28 PAD Answer Codes
- XML Injection