Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security

Intrusion Detection For Your PC Case 213

Posted by Hemos from the gotta-catch-'em-all dept.
Anonymous Coward writes "Ryan du Bois, from genbukan security (aka red0x), has created a chassis intrusion detection system for your computer box: the actual physical case. He also wrote a paper describing three separate implementations of this CIDS system: Contacts, Pressure switchs, and a PLA (programmable microchip). Included in his paper are complete designs for the first two and a promise for the last to come soon. Definitely worth a read. The paper is available in many formats including OpenOffice 1.0, HTML , TEXT and a Tarball of them all. You can also obtain the signatures as well as his Automated Security Tools Project, of which this is a member."
This discussion has been archived. No new comments can be posted.

Intrusion Detection For Your PC Case More

Intrusion Detection For Your PC Case

Comments Filter:

  • Nothing New (Score:2, Informative)

    by thelizman ( 304517 ) <hammerattack@yah ... com minus distro> on Tuesday June 18, 2002 @11:47AM (#3722325) Homepage
    Dell Optiplexes could not be opened without tripping an internal warning that would flash on screen at reboot. You had to reset the bios based warning using a password to turn it off. Packard Bell and Compaq also did this years ago (I had a Compaq 286sx with an internal detection system which used a mercury switch)

    Oh yeah, FIRST POST BIATCH.

  • G4 Towers (Score:3, Informative)

    by krugdm ( 322700 ) <<moc.gurki> <ta> <todhsals>> on Tuesday June 18, 2002 @12:06PM (#3722491) Homepage Journal

    I like the system that Apple has put into their G4 Towers. There's a spring-loaded clip with a hole in it that pulls out of the back of the case. You can slip a cable/padlock/whatever through this which prevents the clip from springing back into the case.

    When the clip is out, the EZ-flip-down-door on the side of the case is locked, preventing unnoticable intrusion.

  • Re:News from an AC (Score:3, Informative)

    by Jucius Maximus ( 229128 ) on Tuesday June 18, 2002 @12:17PM (#3722572) Journal
    "I guess you can't expect much better in news from an AC. Maybe posting news should be restricted to users that are logged in. Has anyone seen useful articles from an AC before? Just curious."

    I suggest you search through the archives of "Ask Slashdot." You'll find many interesting stories where it is clear that if the poster's identity was given away, they would be in trouble with their boss/clients.

    Technology Sectors that are Hot or Heating Up Now? [slashdot.org]

    Is it Wrong to Accept an Employment Counter-Offer? [slashdot.org]

    Technology for Undercover Journalists? [slashdot.org]

    Convincing Management of Network Security Issues? [slashdot.org]

    Headhunting Laws? [slashdot.org]

    And more ...

  • locking seals (Score:2, Informative)

    by sparkamatic ( 572298 ) on Tuesday June 18, 2002 @02:48PM (#3723582)
    The company I work for makes seals mostly used in the tractor trailer business for securing trailer doors similar to hotel bar fridge seals. They are numbered and are a use once and throw away item. I find they work really good at securing PC cases.

  • Already aware and protected. (Score:1, Informative)

    by Syrcam ( 540030 ) on Tuesday June 18, 2002 @03:29PM (#3723885)
    I have chassis intrusion on my system, a Dell Optiplex gx400. It's a mechanism consisting of nothing but a jumper connection on the mobo and a push-style switch mounted on the chassis. WHen the cover is closed the switch is pushed in (and said jumper is registered by the BIOS as being "closed"). If you open the cover the switch pops up and the jumper circuit is opened. This change of jumper state is detected by the BIOS, and the BIOS modifies the chassis intrusion detected bit to "1". When you turn the system back on it greets you with an "Alert! Cover was previously removed" screen. The only way to reset the alert is to go into the CMOS setup and change the "chasis intrusion detection" option from "DETECTED" to "ENABLED".

    However, this type of chassis intrusion is not 100% fail-safe (email me if you know of any that is 100% fail-safe.... :] ). First off it's no good if the BIOS setup has not been password-protected, as any individual can go into the BIOS setup and reset the warning. There's also this workaround for the chassis intrusion switch that I figured out... cut the wire running from the chassis switch to the jumper connector in the mobo, and connect the two wires on the cable. Then sealing it with tape and tucking it away on the chassis railing. I did this hack on another Optiplex I owned and it worked. It never detected my chassis intrusions, so I could easily go in and out of my box without the pestering screen... I could also work with the machine being on and having the cover off (before I did the lil hack, it would automatically shut off if I opened - anyone know why this happened?).

    Well I made my post, my contribution (even if it's painfully redundant)...

Slashdot Top Deals

No man is an island if he's on at least one mailing list.

Close