A Chipset Level Network Backdoor: Bypassing Host-Based Firewall & IDS

Free registration required

Executive Summary

Chipsets refer to a set of specialized chips on a computer's motherboard or an expansion card. This paper presents a proof of concept chipset level rootkit/network backdoor. It interacts directly with network interface card hardware based on a widely deployed Intel chipset 8255x, and it tested it successfully on two different Ethernet cards with this chipset. The network backdoor has the ability to both covertly send out packets and receive packets, without the need to disable security software installed in the compromised host in order to hide its presence.

  • Format: PDF
  • Size: 833.3 KB