Found, a new rootkit

jdow jdow at earthlink.net
Tue Apr 11 07:29:19 UTC 2006


From: "Tim" <ignored_mailbox at yahoo.com.au>

> Tim:
>>> Are you saying that unexpected data coming through your COM port
>>> wouldn't generate IRQ messages (COM ports have an IRQ), which would be
>>> kicking the CPU quite hard?  That's not exactly a trivial thing to
>>> ignore.
> 
> Mike McCarty:
>> The BIOS and MSDOS do not enable interrupts on the UART devices,
>> hence the CPU doesn't see any requests.
>> 
>> Please don't lecture me about MSDOS systems programming. I wrote my
>> first interrupt driven serial comm package for MSDOS in 1985.
> 
> Actually, I was asking a question, not giving a lecture, but since
> you've taken that attitude, answer this:
> 
> In the BIOS you get to set the address and IRQ that a serial port will
> use.  You can also set power wake up options that wake up the PC if a
> particular IRQ is activated.  If you set it to wake up when the IRQ used
> by the serial port is activated (i.e. an external modem wake-on-ring
> type of function), the PC will wake up (serial port activity causing an
> IRQ signal, waking up the system).
> 
> Now, *that* seems to refute your first assertion.  (The serial port
> generated an IRQ signal, and the BIOS played a part in it.)

Tendentious Tim, what was present to RECEIVE the IRQ message and how do
you know it was intercepted as a software IRQ and not a hardware signal
in a gate array that was enabled by a BIOS setting? I rather suspect it
would be a state machine in a gate array that is used for controlling a
signal that feeds to the power supply that turns it on.

{^_-}



