Re: [patch] PIII/Katmai & FXSAVE support, disable serial-#, 2.2.2

Daniel J. Frasnelli (dfrasnel@csee.wvu.edu)
Wed, 3 Mar 1999 19:16:44 -0500

> >a machine (I'll not digress into 101 ways to forge this). We use this
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >method all the time when tracking an IP "bandit" on our network.
> Don't trust it! Spoofing the MAC address is quite easy for a knowledged
> cracker.
Yes, and I knew that when I wrote that - hence the
parenthtical comment :-) In practice (and this is localized to an
internal network of a few hundred machines), I can track a
bandit to at least 95% accuracy. Most of the time, it is a
secretary who played the
my-address-is-taken-so-I'll-just-choose-one-at-random game.
For those times when the source cannot be determined accurately,
it is often someone who brought their laptop in for the day
and "borrowed" an ethernet jack.

> It's just possible. You can just call cpuid from userspace. I never known
> if it's possible to disable it from userspace. The problem is that to
Right, that is true. And it is interesting to note that
the people saying that the Sun/SGI/etc. workstation sysid is
unique and secure apparently have not walked on the darker side of
the net, where sysid 'modifiers' (probably requires access to kmem)
to allow trickery of flexlm run rampant.
> understand what the browser is doing you have to read the asm. If instead
> the information cames from /proc you only need an `strace | grep
> /proc/cpuinfo'.
I would be wary of a web browser that did that anyhow, regardless
of what information it sought :-)

Regards,
Daniel

-- 


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/