Found, a new rootkit

Tim ignored_mailbox at yahoo.com.au
Tue Apr 11 04:55:59 UTC 2006


Tim:
>> Are you saying that unexpected data coming through your COM port
>> wouldn't generate IRQ messages (COM ports have an IRQ), which would be
>> kicking the CPU quite hard?  That's not exactly a trivial thing to
>> ignore.

Mike McCarty:
> The BIOS and MSDOS do not enable interrupts on the UART devices,
> hence the CPU doesn't see any requests.
> 
> Please don't lecture me about MSDOS systems programming. I wrote my
> first interrupt driven serial comm package for MSDOS in 1985.

Actually, I was asking a question, not giving a lecture, but since
you've taken that attitude, answer this:

In the BIOS you get to set the address and IRQ that a serial port will
use.  You can also set power wake up options that wake up the PC if a
particular IRQ is activated.  If you set it to wake up when the IRQ used
by the serial port is activated (i.e. an external modem wake-on-ring
type of function), the PC will wake up (serial port activity causing an
IRQ signal, waking up the system).

Now, *that* seems to refute your first assertion.  (The serial port
generated an IRQ signal, and the BIOS played a part in it.)

-- 
(Currently running FC4, occasionally trying FC5.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.




More information about the fedora-list mailing list